CyberInsider

Reliable cybersecurity news and resources

General

Guides

About

Cyber Insider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Windows 11 December Patch Tuesday Fixes 72 Flaws, One Zero-Day

By Leave a Comment
Windows 11 December Patch Tuesday Fixes 72 Flaws, One Zero-Day

Microsoft's December 2024 Patch Tuesday for Windows 11 addresses 72 vulnerabilities across its product ecosystem, including an actively exploited zero-day vulnerability in the Windows Common Log File System Driver. This critical flaw could grant attackers SYSTEM privileges through a heap-based buffer overflow, making it the highest priority fix in this release.

Important fixes this month

The zero-day vulnerability, tracked under CVE-2024-49138, was discovered by CrowdStrike's Advanced Research Team and has been actively exploited in the wild. Classified as an elevation of privilege flaw, it has a CVSS score of 7.8, rating it “high severity.” An attacker exploiting this vulnerability could gain complete control of a target system by elevating their privileges to “SYSTEM,” without requiring user interaction. Microsoft has confirmed exploitation and released an official patch, urging all Windows users to update immediately to mitigate the risk.

Several other high-severity vulnerabilities were addressed in this update, with CVSS scores above 8.0. These include:

  • CVE-2024-49112 (Windows LDAP): A critical flaw with a CVSS score of 9.8, allowing remote attackers to execute code with elevated privileges.
  • CVE-2024-49093 (Windows Resilient File System): A vulnerability in ReFS that could lead to data integrity issues or unauthorized access.
  • CVE-2024-49085/86 (Windows Routing and Remote Access Service): Multiple critical flaws with CVSS scores of 8.8, enabling remote attackers to exploit access controls.
  • CVE-2024-49117 (Windows Hyper-V): Another critical vulnerability with a CVSS score of 8.8 impacting virtualized environments.

The update impacts various versions of Windows 11, specifically versions 22H2 and 23H2, and includes improvements to the servicing stack for reliability in deploying future updates. The cumulative update (KB5048685) ensures that all addressed vulnerabilities are patched in a single operation for enterprise and consumer systems alike.

Known issues

Post-update, some users reported issues with the OpenSSH service failing to start, affecting enterprise, IoT, and education customers. Microsoft has provided temporary workarounds to resolve permission-related errors until a permanent fix is released.

Microsoft has also warned that due to the upcoming Christmas holidays, there will be no non-security preview release this month, and these will resume in January 2025.

Apply the Windows update now

Users and administrators should apply the update immediately to ensure protection against active and potential threats. To do so, follow these steps:

  • Open Settings on your Windows device
  • Go to Update & Security > Windows Update
  • Select Check for updates, and Windows will automatically download and install available security updates.
CyberInsider

After the security updates have been installed, a reboot will be needed for their implementation.

About Alex Lekander

Alex is the founder and Editor-in-Chief of CyberInsider.com. His background and expertise includes digital privacy, security, and tech journalism. When he’s not working behind a screen, Alex is probably tinkering with a boat or enjoying the outdoors.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *