Microsoft's December Patch Tuesday Fixes Actively Exploited Zero-Day and Critical RCE Vulnerabilities

In its final Patch Tuesday of 2024, Microsoft released security updates to address 71 vulnerabilities, including an actively exploited zero-day flaw.

The latest security update rollout also includes fixes for 16 flaws deemed critical, predominantly remote code execution (RCE) vulnerabilities.

Breakdown of addressed vulnerabilities

As BleepingComputer reported, the shortcomings addressed in Microsoft’s latest release span a broad range of categories, including:

• 27 Elevation of Privilege flaws
• 30 Remote Code Execution (RCE) vulnerabilities
• 7 Information Disclosure vulnerabilities
• 5 Denial of Service (DoS) flaws
• 1 Spoofing vulnerability

The list excludes two vulnerabilities in Microsoft Edge that were patched in earlier updates on December 5 and 6.

Actively exploited zero-day: CVE-2024-49138

The most notable vulnerability, CVE-2024-49138, is a critical elevation of privilege flaw impacting Windows’ Common Log File System (CLFS) Driver.

This flaw has been exploited in attacks in the wild, allowing attackers to gain SYSTEM-level privileges on vulnerable Windows devices.

Critical RCE Vulnerabilities

Among the 16 critical vulnerabilities addressed, several others stand out due to their potential impact:

• CVE-2024-49112: Critical unauthenticated Windows Lightweight Directory Access Protocol (LDAP) RCE flaw that could allow threat actors to execute arbitrary code remotely
• CVE-2024-49117: Windows Hyper-V RCE vulnerability that could let attackers execute code on host machines, potentially compromising virtualized environments
• CVE-2024-49122: Microsoft Message Queueing (MSMQ) RCE flaw that could let attackers send malicious packets to an MSMQ server to achieve unauthorized code execution

Recommendations for users and administrators

Windows users and administrators should prioritize installing the latest batch of security updates to deter attacks that exploit the listed vulnerabilities.

Using a dedicated security solution like Bitdefender Ultimate Security can boost your cyber resilience. It detects and neutralizes viruses, Trojans, worms, zero-day exploits, ransomware, spyware, rootkits, and other digital threats.

Additionally, it encompasses advanced features including behavioral analysis for active apps, network threat prevention, a vulnerability assessment tool, AI-powered scam detection, web attack prevention modules and multi-layer ransomware protection.