Today’s VERT Alert addresses Microsoft’s December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-49138 The only vulnerability that has been publicly disclosed and exploited this month is CVE-2024-49138, a vulnerability in the Windows Common Log File System Driver. Successful exploitation of this privilege escalation vulnerability would grant the attacker SYSTEM level permissions. Microsoft has reported this vulnerability as Exploitation Detected. CVE…
Leave a Reply