Microsoft’s November 2024 security update for Windows 11 addresses 89 vulnerabilities, including four critical zero-day vulnerabilities that pose significant security risks to Windows systems. Among these, two zero-days are already being actively exploited in the wild, targeting key components such as Windows NTLM and Task Scheduler.
The update includes patches for the following critical zero-days:
- CVE-2024-43451 – This vulnerability in Windows NTLM allows attackers to spoof NTLM authentication and gain unauthorized access. Microsoft has confirmed that this flaw is actively exploited, making it a priority patch for all Windows systems relying on NTLM for authentication.
- CVE-2024-49039 – This vulnerability in Windows Task Scheduler enables attackers with local access to escalate privileges to gain system-level control. Known to be actively exploited, this issue is particularly critical for multi-user environments where local access may be more readily obtained.
- CVE-2024-43629 – This flaw in Windows DWM Core Library allows attackers to escalate privileges by exploiting weaknesses in the Desktop Window Manager. Though not yet exploited in the wild, its ease of exploitation makes it a high-risk vulnerability if left unpatched.
- CVE-2024-49033 – This vulnerability in Microsoft Office Word enables remote code execution through maliciously crafted Word documents. As it requires minimal user interaction, this flaw could be exploited in phishing campaigns or document-sharing scenarios, making it a high priority for organizations and users who frequently receive external files.
In addition to the zero days, this month’s Windows 11 update addresses high-severity vulnerabilities across key components, including SQL Server, Windows Telephony Service, and Microsoft Office Excel. SQL Server, in particular, has received several patches (e.g., CVE-2024-43455 and CVE-2024-43462) with CVSS scores of 8.8, highlighting the potential for unauthorized access and data compromise if unaddressed. For the complete list of the 89 flaws addressed this time, check this Microsoft portal.
Windows 11 feature and servicing stack updates
The update also rolls out Windows 11 versions 23H2 and 24H2, which bring quality improvements to the Windows servicing stack (KB5044620). While this update enhances the system’s ability to install future updates, Microsoft has identified a known issue affecting OpenSSH services, leading to connection disruptions. Users experiencing this issue are advised to adjust directory permissions as a temporary fix while awaiting Microsoft’s permanent resolution.
To protect against the latest vulnerabilities, users should apply the November 2024 security update as soon as possible by following these steps:
- Open Settings on your Windows device
- Go to Update & Security > Windows Update
- Select Check for updates. Windows will automatically download and install available updates.
After the security updates have been downloaded, a reboot will be required for them to be implemented on the system, as they address issues on core Windows 11 components.
CISA: These Were the 15 Most Exploited Vulnerabilities in 2023
Leave a Reply