December Microsoft Patch Tuesday. 89 CVEs, of which 18 were added since November MSPT. 1 vulnerability with signs of exploitation in the wild:
🔻 EoP - Windows Common Log File System Driver (CVE-2024-49138). There are no details about this vulnerability yet.
Strictly speaking, there was another vulnerability that was exploited in the wild: EoP - Microsoft Partner Network (CVE-2024-49035). But this is an already fixed vulnerability in the Microsoft website and I'm not even sure that it was worth creating a CVE. 🤔
For the remaining vulnerabilities, there are no signs of exploitation in the wild, nor exploits (even private ones).
I can highlight:
🔹 RCE - Windows LDAP (CVE-2024-49112, CVE-2024-49127)
🔹 RCE - Windows LSASS (CVE-2024-49126)
🔹 RCE - Windows Remote Desktop Services (CVE-2024-49106 и ещё 8 CVE)
🔹 RCE - Microsoft MSMQ (CVE-2024-49122, CVE-2024-49118)
🔹 RCE - Microsoft SharePoint (CVE-2024-49070)
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю подписаться на мой канал @avleonovrus "Управление Уязвимостями и прочее" в MAX или в Telegram.
Pingback: About Remote Code Execution – Windows Lightweight Directory Access Protocol (LDAP) (CVE-2024-49112) | Alexander V. Leonov
Pingback: The Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) has become more critical | Alexander V. Leonov
Pingback: What has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later? | Alexander V. Leonov