Microsoft December 2024 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Dec 10, 2024.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    December 2024 Security Updates


    This release consists of the following 72 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?


    System Center Operations Manager CVE-2024-43594

    Microsoft Office CVE-2024-43600

    Microsoft Edge (Chromium-based) CVE-2024-49041

    Microsoft Defender for Endpoint CVE-2024-49057

    Microsoft Office CVE-2024-49059

    Microsoft Office SharePoint CVE-2024-49062

    GitHub CVE-2024-49063

    Microsoft Office SharePoint CVE-2024-49064

    Microsoft Office Word CVE-2024-49065

    Microsoft Office SharePoint CVE-2024-49068

    Microsoft Office Excel CVE-2024-49069

    Microsoft Office SharePoint CVE-2024-49070

    Windows Task Scheduler CVE-2024-49072

    Windows Mobile Broadband CVE-2024-49073

    Windows Kernel-Mode Drivers CVE-2024-49074

    Windows Remote Desktop Services CVE-2024-49075

    Windows Virtualization-Based Security (VBS) Enclave CVE-2024-49076

    Windows Mobile Broadband CVE-2024-49077

    Windows Mobile Broadband CVE-2024-49078

    Microsoft Office Publisher CVE-2024-49079

    Windows IP Routing Management Snapin CVE-2024-49080

    Windows Wireless Wide Area Network Service CVE-2024-49081

    Windows File Explorer CVE-2024-49082

    Windows Mobile Broadband CVE-2024-49083

    Windows Kernel CVE-2024-49084

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49085

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49086

    Windows Mobile Broadband CVE-2024-49087

    Windows Common Log File System Driver CVE-2024-49088

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49089

    Windows Common Log File System Driver CVE-2024-49090

    Role: DNS Server CVE-2024-49091

    Windows Mobile Broadband CVE-2024-49092

    Windows Resilient File System (ReFS) CVE-2024-49093

    Windows Wireless Wide Area Network Service CVE-2024-49094

    Windows PrintWorkflowUserSvc CVE-2024-49095

    Windows Message Queuing CVE-2024-49096

    Windows PrintWorkflowUserSvc CVE-2024-49097

    Windows Wireless Wide Area Network Service CVE-2024-49098

    Windows Wireless Wide Area Network Service CVE-2024-49099

    Windows Wireless Wide Area Network Service CVE-2024-49101

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49102

    Windows Wireless Wide Area Network Service CVE-2024-49103

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49104

    Remote Desktop Client CVE-2024-49105

    Windows Remote Desktop Services CVE-2024-49106

    WmsRepair Service CVE-2024-49107

    Windows Remote Desktop Services CVE-2024-49108

    Windows Wireless Wide Area Network Service CVE-2024-49109

    Windows Mobile Broadband CVE-2024-49110

    Windows Wireless Wide Area Network Service CVE-2024-49111

    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-49112

    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-49113

    Windows Cloud Files Mini Filter Driver CVE-2024-49114

    Windows Remote Desktop Services CVE-2024-49115

    Windows Remote Desktop Services CVE-2024-49116

    Role: Windows Hyper-V CVE-2024-49117

    Windows Message Queuing CVE-2024-49118

    Windows Remote Desktop Services CVE-2024-49119

    Windows Remote Desktop Services CVE-2024-49120

    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-49121

    Windows Message Queuing CVE-2024-49122

    Windows Remote Desktop Services CVE-2024-49123

    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-49124

    Windows Routing and Remote Access Service (RRAS) CVE-2024-49125

    Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-49126

    Windows LDAP - Lightweight Directory Access Protocol CVE-2024-49127

    Windows Remote Desktop Services CVE-2024-49128

    Windows Remote Desktop Services CVE-2024-49129

    Windows Remote Desktop CVE-2024-49132

    Windows Common Log File System Driver CVE-2024-49138

    Microsoft Office Access CVE-2024-49142

    We are republishing 1 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    Chrome Microsoft Edge (Chromium-based) CVE-2024-12053


    Security Update Guide Blog Posts

    Date Blog Post

    November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide


    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


    KB Article Applies To

    5048667 Windows 11, version 24H2

    5048685 Windows 11, version 22H2, Windows 11, version 23H2

    5048710 Windows Server 2008 (Monthly Rollup)

    5048744 Windows Server 2008 (Security-only update)


    Released: Dec 10, 2024

    December 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Dec 10, 2024
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds