Microsoft November 2024 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Nov 12, 2024.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member


    November 2024 Security Updates

    This release consists of the following 89 Microsoft CVEs:


    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

    Windows Package Library Manager CVE-2024-38203

    SQL Server CVE-2024-38255

    Microsoft Virtual Hard Drive CVE-2024-38264

    Windows SMBv3 Client/Server CVE-2024-43447

    Windows USB Video Driver CVE-2024-43449

    Microsoft Windows DNS CVE-2024-43450

    Windows NTLM CVE-2024-43451

    Windows Registry CVE-2024-43452

    SQL Server CVE-2024-43459

    SQL Server CVE-2024-43462

    .NET and Visual Studio CVE-2024-43498

    .NET and Visual Studio CVE-2024-43499

    Windows Update Stack CVE-2024-43530

    LightGBM CVE-2024-43598

    Azure CycleCloud CVE-2024-43602

    Azure Database for PostgreSQL CVE-2024-43613

    Windows Telephony Service CVE-2024-43620

    Windows Telephony Service CVE-2024-43621

    Windows Telephony Service CVE-2024-43622

    Windows NT OS Kernel CVE-2024-43623

    Role: Windows Hyper-V CVE-2024-43624

    Windows VMSwitch CVE-2024-43625

    Windows Telephony Service CVE-2024-43626

    Windows Telephony Service CVE-2024-43627

    Windows Telephony Service CVE-2024-43628

    Windows DWM Core Library CVE-2024-43629

    Windows Kernel CVE-2024-43630

    Windows Secure Kernel Mode CVE-2024-43631

    Role: Windows Hyper-V CVE-2024-43633

    Windows USB Video Driver CVE-2024-43634

    Windows Telephony Service CVE-2024-43635

    Windows DWM Core Library CVE-2024-43636

    Windows USB Video Driver CVE-2024-43637

    Windows USB Video Driver CVE-2024-43638

    Windows Kerberos CVE-2024-43639

    Windows Secure Kernel Mode CVE-2024-43640

    Windows Registry CVE-2024-43641

    Windows SMB CVE-2024-43642

    Windows USB Video Driver CVE-2024-43643

    Windows CSC Service CVE-2024-43644

    Windows Defender Application Control (WDAC) CVE-2024-43645

    Windows Secure Kernel Mode CVE-2024-43646

    SQL Server CVE-2024-48993

    SQL Server CVE-2024-48994

    SQL Server CVE-2024-48995

    SQL Server CVE-2024-48996

    SQL Server CVE-2024-48997

    SQL Server CVE-2024-48998

    SQL Server CVE-2024-48999

    SQL Server CVE-2024-49000

    SQL Server CVE-2024-49001

    SQL Server CVE-2024-49002

    SQL Server CVE-2024-49003

    SQL Server CVE-2024-49004

    SQL Server CVE-2024-49005

    SQL Server CVE-2024-49006

    SQL Server CVE-2024-49007

    SQL Server CVE-2024-49008

    SQL Server CVE-2024-49009

    SQL Server CVE-2024-49010

    SQL Server CVE-2024-49011

    SQL Server CVE-2024-49012

    SQL Server CVE-2024-49013

    SQL Server CVE-2024-49014

    SQL Server CVE-2024-49015

    SQL Server CVE-2024-49016

    SQL Server CVE-2024-49017

    SQL Server CVE-2024-49018

    Windows Active Directory Certificate Services CVE-2024-49019

    SQL Server CVE-2024-49021

    Microsoft Office Excel CVE-2024-49026

    Microsoft Office Excel CVE-2024-49027

    Microsoft Office Excel CVE-2024-49028

    Microsoft Office Excel CVE-2024-49029

    Microsoft Office Excel CVE-2024-49030

    Microsoft Graphics Component CVE-2024-49031

    Microsoft Graphics Component CVE-2024-49032

    Microsoft Office Word CVE-2024-49033

    Windows Task Scheduler CVE-2024-49039

    Microsoft Exchange Server CVE-2024-49040

    Azure Database for PostgreSQL CVE-2024-49042

    SQL Server CVE-2024-49043

    Visual Studio CVE-2024-49044

    Windows Win32 Kernel Subsystem CVE-2024-49046

    TorchGeo CVE-2024-49048

    Visual Studio Code CVE-2024-49049

    Visual Studio Code CVE-2024-49050

    Microsoft PC Manager CVE-2024-49051

    Airlift.microsoft.com CVE-2024-49056



    We are republishing 3 non-Microsoft CVEs:

    CNA Tag CVE FAQs? Workarounds? Mitigations?

    Chrome Microsoft Edge (Chromium-based) CVE-2024-10826

    Chrome Microsoft Edge (Chromium-based) CVE-2024-10827

    OpenSSL Microsoft Defender for Endpoint CVE-2024-5535



    Security Update Guide Blog Posts

    Date Blog Post

    November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files

    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources

    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.



    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).



    KB Article Applies To

    5046617 Windows 11, version 24H2, Windows Server 2025, Windows Server 2025 (Server Core installation)

    5046633 Windows 11, version 22H2, Windows 11, version 23H2

    5046639 Windows Server 2008 (Security-only update)

    5046661 Windows Server 2008 (Monthly Rollup)

    Released: Nov 12, 2024

    November 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Nov 12, 2024
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds