
Microsoft and Adobe's November 2024 Security Update Assessment: A Look at the Patch Tuesday Updates

Microsoft and Adobe's November 2024 Patch Tuesday address critical security holes and zero-day threats. Dive deeper into the details with Qualys' security review.


Microsoft has released its monthly security updates, addressing a total of 92 vulnerabilities across various software products. The updates include fixes for four zero-day vulnerabilities, two of which are known to be exploited in the wild.

Critical Vulnerabilities Addressed

Among the critical vulnerabilities addressed are several elevation of privilege (EoP) flaws. These include:

  • CVE-2024-43630 and CVE-2024-43629 in the Windows Kernel and DWM Core Library, respectively, which, upon successful exploitation, may grant an attacker SYSTEM privileges.
  • CVE-2024-43623 in the Windows NT OS Kernel, successful exploitation of which could also give an attacker SYSTEM privileges.
  • CVE-2024-43636 in Win32k, another EoP vulnerability that may allow an attacker to gain SYSTEM privileges upon successful exploitation.

Other Significant Vulnerabilities

Other notable vulnerabilities addressed in the updates include:

  • CVE-2024-49019, an Active Directory Certificate Services EoP vulnerability that may allow an attacker to gain domain administrator privileges upon successful exploitation.
  • CVE-2024-49056, an Airlift.microsoft.com EoP vulnerability that may allow an authorized attacker to elevate privileges over a network.
  • CVE-2024-43451, an NTLM Hash Disclosure Spoofing Vulnerability that may allow an attacker to disclose a user's NTLMv2 hash upon successful exploitation.
  • CVE-2024-49039, a Windows Task Scheduler EoP vulnerability that, upon successful exploitation, may allow an authenticated attacker to execute RPC functions that are restricted to privileged accounts.
  • CVE-2024-43642, a denial-of-service vulnerability in Windows SMB that may allow an attacker to cause a denial-of-service (DoS) condition.
  • CVE-2024-43639, a Windows Kerberos Remote Code Execution Vulnerability that may allow an unauthenticated attacker to perform remote code execution against the target.

Additional Updates

The updates also include fixes for Spoofing, Denial of Service (DoS), EoP, Information Disclosure, Security Feature Bypass, and Remote Code Execution (RCE) vulnerabilities in multiple software products.

Updates were included for vulnerabilities in .NET and Visual Studio, Windows Hyper-V, SQL Server, Windows Kerberos, Windows Kernel, Windows NT OS Kernel, Windows DWM Core Library, Windows Active Directory Certificate Services, and more.

Microsoft Edge Updates

Two vulnerabilities were addressed in Microsoft Edge (Chromium-based) in this month's updates.

Adobe Security Updates

Adobe has also released security updates to address 48 vulnerabilities in Adobe Bridge, Adobe Audition, Adobe After Effects, Substance 3D Painter, Adobe Illustrator, Adobe InDesign, Adobe Photoshop, and Adobe Commerce. Twenty-eight of these vulnerabilities were given critical severity ratings.

Patch Tuesday Webinar

The next Patch Tuesday falls on December 10, and the Qualys Research team will host a webinar to discuss high-impact vulnerabilities and the steps needed to address them using Qualys VMDR and Qualys Patch Management. Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledgebase (KB). Qualys hosts a monthly webinar series to help customers leverage the integration between Qualys Vulnerability Management Detection Response (VMDR) and Qualys Patch Management, reducing the median time to remediate critical vulnerabilities.

Defense in Depth Update

This month's updates included one Defense in Depth update for Microsoft SharePoint Server.

Microsoft Exchange Server Vulnerability

CVE-2024-49040 is a Microsoft Exchange Server spoofing vulnerability for which Microsoft has not provided any information.

Qualys Policy Compliance Updates

The Qualys Policy Compliance team has updated Control IDs to support Microsoft-recommended mitigation(s) for this Patch Tuesday, including for CVE-2024-49019: Active Directory Certificate Services Elevation of Privilege Vulnerability.
