November 2024 Patch Tuesday: Four Critical and Three Zero-Days Among 158 Vulnerabilities Patched

Category	Details
Total Vulnerabilities	158 vulnerabilities
Critical Vulnerabilities	CVE-2024-43625, CVE-2024-49056, CVE-2024-43498, CVE-2024-43639
Fully Mitigated Vulnerability	CVE-2024-49056 (no customer actions required)
Zero-Day Vulnerabilities	CVE-2024-43451, CVE-2024-49040, CVE-2024-49019
Risk Types (leading)	59% Remote Code Execution, 29% Elevation of Privilege
Most Patched Product	Microsoft CBL-Mariner (70 patches), followed by Windows (37), Microsoft SQL Server (31)
Microsoft CBL-Mariner	Microsoft’s Linux distribution for Azure environments, 70 patches
CVE-2024-49056	Critical privilege escalation vulnerability within airlift.microsoft.com (mitigated, no action required by customers).
CVE-2024-49039 (Windows Task Scheduler)	Important privilege escalation vulnerability, requires authenticated attacker to run crafted application for privilege upgrade (CVSS 8.8).
CVE-2024-43451 (NTLM Handling)	Important spoofing vulnerability, exposes NTLM hash for impersonation (CVSS 6.5).
CVE-2024-49019 (Active Directory)	Important privilege escalation in Active Directory Certificate Services, may lead to domain admin privileges (CVSS 7.8).
CVE-2024-49040 (Exchange Server)	Important spoofing vulnerability in Exchange Server (CVSS 7.5).
CVE-2024-43639 (Windows Kerberos)	Critical RCE vulnerability in Windows Kerberos, unauthenticated remote attacker can exploit (CVSS 9.8).
CVE-2024-43625 (Hyper-V)	Critical privilege escalation within Hyper-V VMSwitch, unprivileged attacker can execute code within Hyper-V execution environment (CVSS 8.1).
CVE-2024-43498 (.Net and Visual Studio)	Critical RCE vulnerability in .NET and Visual Studio Code, unauthenticated remote attacker can exploit (CVSS 9.8).
Mitigation Strategy Recommendation	For unpatched vulnerabilities, focus on holistic cybersecurity methods and overall security posture improvement.
CrowdStrike Falcon®	Platform that analyzes endpoint events from millions of sensors across 176 countries.
CVSS Scores	CVSS Base Score ranges from 0.0 to 10.0, assessing severity and characteristics of vulnerabilities.

Read full article : https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-november-2024/

Disclaimer: The above summary has been generated by an AI language model