Report Name: Microsoft Patch Tuesday, November 2024
Generated: 2024-11-13 02:44:20

Product Name	Prevalence	U	C	H	M	L	A	Comment
Windows SMB	1				1		1	Windows component
Windows Kernel	0.9				1		1	Windows Kernel
Windows Win32k	0.9				1		1	The Win32k.sys driver is the kernel side of some core parts of the Windows subsystem. Its main functionality is the GUI of Windows; it's responsible for window management.
Chromium	0.8			3	19		22	Chromium is a free and open-source web browser project, mainly developed and maintained by Google
Microsoft Edge	0.8			7	2		9	Web browser
Microsoft Exchange	0.8				1		1	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
Microsoft Windows VMSwitch	0.8				1		1	Windows component
OpenSSL	0.8			1			1	A software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end
Windows Client-Side Caching	0.8				1		1	Windows component
Windows DNS	0.8				1		1	Windows component
Windows DWM Core Library	0.8				1		1	Windows component
Windows Defender Application Control (WDAC)	0.8				1		1	Windows component
Windows Hyper-V Shared Virtual Disk	0.8				1		1	Windows component
Windows Kerberos	0.8			1			1	Windows component
Windows Kernel-Mode Driver	0.8				1		1	Windows component
Windows NT OS Kernel	0.8				1		1	Windows component
Windows Package Library Manager	0.8				1		1	Windows component
Windows Registry	0.8				2		2	Windows component
Windows SMBv3 Server	0.8			1			1	Windows component
Windows Secure Kernel Mode	0.8				2		2	Windows component
Windows Task Scheduler	0.8		1				1	Windows component
Windows Telephony Service	0.8			6	1		7	Windows component
Windows USB Video Class System Driver	0.8				5		5	Windows component
Windows Update Stack	0.8				1		1	Windows component
Windows Win32 Kernel Subsystem	0.8				1		1	Windows component
.NET and Visual Studio	0.7			1	1		2	.NET and Visual Studio
Microsoft Excel	0.6				5		5	MS Office product
Microsoft Office Graphics	0.6				2		2	Microsoft Office Graphics
Microsoft Word	0.6				1		1	Microsoft Word is a widely used commercial word processor developed by Microsoft. It is a component of the Microsoft Office suite of productivity software but can also be purchased as a standalone product.
Windows Hyper-V	0.6				1		1	Hardware virtualization component of the client editions of Windows NT
Active Directory Certificate Services	0.5				1		1	Active Directory Certificate Services
Azure CycleCloud	0.5				1		1	Azure CycleCloud
Azure Database for PostgreSQL Flexible Server Extension	0.5				2		2	Azure Database for PostgreSQL Flexible Server Extension
Azure Functions	0.5			1			1	Product detected by a:microsoft:azure_functions (exists in CPE dict)
LightGBM	0.5				1		1	LightGBM
Microsoft PC Manager	0.5				1		1	Microsoft PC Manager
Microsoft SQL Server	0.5				1		1	Microsoft SQL Server
Microsoft Virtual Hard Disk (VHDX)	0.5				1		1	Microsoft Virtual Hard Disk (VHDX)
Microsoft.SqlServer.XEvent.Configuration.dll	0.5				1		1	Microsoft.SqlServer.XEvent.Configuration.dll
NTLM Hash Disclosure	0.5			1			1	NTLM Hash Disclosure
SQL Server Native Client	0.5				29		29	SQL Server Native Client
TorchGeo	0.5				1		1	TorchGeo
Visual Studio Code Python Extension	0.5				1		1	Visual Studio Code Python Extension
Visual Studio Code Remote Extension	0.5				1		1	Visual Studio Code Remote Extension
nvidia_container_toolkit	0.5			1			1	Product detected by a:nvidia:nvidia_container_toolkit (does NOT exist in CPE dict)
power_platform	0.5				1		1	Product detected by a:microsoft:power_platform (does NOT exist in CPE dict)
Visual Studio	0.3				1		1	Integrated development environment
Microsoft Dataverse	0.2			1			1	Microsoft Dataverse
Unknown Product	0				1		1	Unknown Product

Vulnerability Type	Criticality	U	C	H	M	L	A
Remote Code Execution	1.0			19	42		61
Authentication Bypass	0.98			2	1		3
Security Feature Bypass	0.9			1	4		5
Elevation of Privilege	0.85		1		27		28
Information Disclosure	0.83			1	2		3
Denial of Service	0.7				4		4
Memory Corruption	0.5				13		13
Spoofing	0.4			1	7		8

Source	U	C	H	M	L	A
MS PT Extended			13	22		35
Qualys		1	3	10		14
Tenable		1	2	3		6
Rapid7		1	3	2		6
ZDI		1	3	1		5

Urgent (0)

Critical (1)

1. Elevation of Privilege - Windows Task Scheduler (CVE-2024-49039) - Critical [727]

Description: Windows Task Scheduler Elevation of Privilege Vulnerability

Qualys: CVE-2024-49039: Windows Task Scheduler Elevation of Privilege Vulnerability Task Scheduler is a built-in Windows utility that allows users to automate the execution of programs, scripts, and various tasks at specific intervals or specific events. It simplifies the process of running repetitive tasks, managing background processes, and scheduling maintenance activities on a computer. An authenticated attacker may exploit the vulnerability to run a specially crafted application on the target system. Upon successful exploitation, an attacker may execute RPC functions restricted to privileged accounts only.

Tenable: Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)

Tenable: CVE-2024-49039 | Windows Task Scheduler Elevation of Privilege Vulnerability

Tenable: CVE-2024-49039 is an EoP vulnerability in the Microsoft Windows Task Scheduler. It was assigned a CVSSv3 score of 8.8 and is rated as important. An attacker with local access to a vulnerable system could exploit this vulnerability by running a specially crafted application. Successful exploitation would allow an attacker to access resources that would otherwise be unavailable to them as well as execute code, such as remote procedure call (RPC) functions.

Tenable: According to Microsoft, CVE-2024-49039 was exploited in the wild as a zero-day. It was disclosed to Microsoft by an anonymous researcher along with Vlad Stolyarov and Bahare Sabouri of Google's Threat Analysis Group. At the time this blog post was published, no further details about in-the-wild exploitation were available.

Rapid7: Windows Task Scheduler facilitates all sorts of useful outcomes, and if you’re a threat actor, it now offers one more: elevation of privilege via CVE-2024-49039. Microsoft is aware of exploitation in the wild. Given the low attack complexity and low privileges requirement, no requirement for user interaction, high impact across the CIA triad, and changed scope, it’s no surprise that the CVSSv3 base score comes out as a relatively zesty 8.8. However, Windows elevation of privilege vulnerabilities are always most exciting for attackers when they lead directly to SYSTEM privileges, but that’s not the case here. The attacker in this scenario starts out in a low-privileged AppContainer sandbox, and exploitation via a malicious app provides medium integrity level privileges, which is the same as a regular non-administrative user on the system. Still, every step forward for a threat actor is a step back for defenders.

ZDI: CVE-2024-49039 - Windows Task Scheduler Elevation of Privilege Vulnerability. Here’s another local privilege escalation bug being used in the wild. However, this isn’t the straightforward EoP we typically see. In this case, the bug allows an AppContainer escape – allowing a low-privileged user to execute code at Medium integrity. You still need to be able to execute code on the system for this to occur, but container escapes are still quite interesting as they are rarely seen in the wild. This was reported by multiple researchers, which indicates the bug is being exploited in multiple regions. Hopefully one of the researchers will provide additional details about the vulnerability now that a fix is available.

High (24)

2. Spoofing - NTLM Hash Disclosure (CVE-2024-43451) - High [573]

Description: NTLM Hash Disclosure Spoofing Vulnerability

Qualys: CVE-2024-43451: NTLM Hash Disclosure Spoofing Vulnerability An NTLM hash is a cryptographic format that stores user passwords on Windows systems. It’s a key part of the authentication process for users and computers on domains, home networks, and workgroup networks. Upon successful exploitation, an attacker may disclose a user’s NTLMv2 hash to the attacker, who could use this to authenticate as the user.

Tenable: Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)

Tenable: CVE-2024-43451 | NTLM Hash Disclosure Spoofing Vulnerability

Tenable: CVE-2024-43451 is a NTLM hash spoofing vulnerability in Microsoft Windows. It was assigned a CVSSv3 score of 6.5 and is rated as important. An attacker could exploit this flaw by convincing a user to open a specially crafted file. Successful exploitation would lead to the unauthorized disclosure of a user’s NTLMv2 hash, which an attacker could then use to authenticate to the system as the user. According to Microsoft, CVE-2024-43451 was exploited in the wild as a zero-day. No further details about this vulnerability were available at the time this blog post was published.

Rapid7: Given the CVSSv3 base score of 6.0, one might almost be forgiven for overlooking CVE-2024-43451, which describes an NTLM hash disclosure spoofing vulnerability in the MSHTML platform which powered Internet Explorer. However, public disclosure and in-the-wild exploitation are always worth a look. Although exploitation requires that the user interact with a malicious file, a successful attacker receives the user’s NTLMv2 hash, and can then use that to authenticate as the user.

Rapid7: Microsoft has arguably scored CVE-2024-43451 correctly according to the CVSSv3.1 specification. However, although the Microsoft CVSSv3 vector describes an impact only to confidentiality, if an attacker can authenticate as the user post-exploitation, a further potential for subsequent impact to integrity and availability now exists; if we take that potential indirect effect into account, the CVSSv3 base score would look more like 8.8, which is the sort of number where alarm bells typically start ringing for many defenders. As a further sting in the tail, the advisory FAQ describes the required user interaction as minimal: left click, right click, or even the highly non-specific “performing an action other than opening or executing [the file]”. There’s certainly the potential for a long tail of exploitation here, especially in environments with more relaxed patching cadence.

Rapid7: The complete Windows catalog from Server 2025 and Windows 11 24H2 all the way back to Server 2008 receives patches for CVE-2024-43451. As Rapid7 has previously noted, MSHTML (also known as Trident) is still fully present in Windows — and unpatched assets are thus vulnerable — regardless of whether or not a Windows asset has Internet Explorer 11 disabled.

Rapid7: The advisory for CVE-2024-49040 hints that post-patching actions may be required for remediation of CVE-2024-49040, and links to further information in a separate article titled “Exchange Server non-RFC compliant P2 FROM header detection”. A careful read of the article doesn’t appear to list any mandatory post-patching actions; instead, there is an optional extra mitigation strategy action around Exchange Transport Rules, as well as an encouragingly detailed explanation of the protection offered by today’s patches. The article showcases that an Exchange-connected email client such as Outlook might display a forged sender as if it were legitimate, which we can all agree is not a good outcome. Attackers don’t have to look far to find other vulnerabilities to chain with this one, since today’s sibling zero-day vulnerability CVE-2024-43451 is certainly an option. On the other hand, let’s take a moment to appreciate the Exchange team’s blog title: “You Had Me at EHLO”.

ZDI: CVE-2024-43451 - NTLM Hash Disclosure Spoofing Vulnerability. It seems we can never fully escape Internet Explorer. Despite it being retired by Microsoft, it still remains in the form of MSHTML and is accessible through the WebBrowser control and other means. That is what is being abused by attackers here to disclose the victim’s NTLMv2 hash, which could then be used by the attacker to authenticate as the user. User interaction is required, but that doesn’t seem to stop these attacks from being effective. As always, Microsoft does not give any indication of how widespread these attacks are, but I would not wait to test and deploy this update.

3. Remote Code Execution - Microsoft Edge (CVE-2024-43595) - High [535]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43595 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

4. Remote Code Execution - Microsoft Edge (CVE-2024-43596) - High [535]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43596 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

5. Remote Code Execution - Microsoft Edge (CVE-2024-43566) - High [466]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43566 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

6. Remote Code Execution - Microsoft Edge (CVE-2024-43578) - High [466]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43578 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

7. Remote Code Execution - Microsoft Edge (CVE-2024-43579) - High [466]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43579 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

8. Authentication Bypass - Azure Functions (CVE-2024-38204) - High [458]

Description: Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network.

MS PT Extended: CVE-2024-38204 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

9. Remote Code Execution - Chromium (CVE-2024-9965) - High [454]

Description: Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

MS PT Extended: CVE-2024-9965 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

10. Remote Code Execution - Microsoft Edge (CVE-2024-43587) - High [442]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-43587 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

11. Remote Code Execution - Chromium (CVE-2024-10487) - High [430]

Description: Chromium: CVE-2024-10487: Out of bounds write in Dawn. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10487 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

12. Remote Code Execution - Microsoft Edge (CVE-2024-49023) - High [430]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-49023 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

13. Remote Code Execution - Windows Kerberos (CVE-2024-43639) - High [430]

Description: Windows Kerberos Remote Code Execution Vulnerability

Qualys: CVE-2024-43639: Windows Kerberos Remote Code Execution Vulnerability Windows Kerberos is a protocol that verifies user and host identities on a network. Kerberos uses a Key Distribution Center (KDC) and symmetric key cryptography to authenticate users. It assumes that transactions between clients and servers occur on an open network, where packets can be monitored and modified. An unauthenticated attacker could use a specially crafted application to exploit a cryptographic protocol vulnerability in Windows Kerberos to perform remote code execution against the target.

Tenable: CVE-2024-43639 | Windows Kerberos Remote Code Execution Vulnerability

Tenable: CVE-2024-43639 is a critical RCE vulnerability affecting Windows Kerberos, an authentication protocol designed to verify user or host identities. It was assigned a CVSSv3 score of 9.8 and is rated as “Exploitation Less Likely.”

Rapid7: The advisory for CVE-2024-43639 describes a critical RCE in Kerberos with a CVSSv3 base score of 89.8, although not in great detail. The FAQ explains that an unauthenticated attacker could use a specially crafted application to leverage a cryptographic protocol vulnerability in Windows Kerberos to perform remote code execution against the target, but without providing much information about the target or the precise context of code execution. The only safe assumption here is that code execution is in a highly-privileged context on a server which handles key authentication tasks. Patch accordingly.

ZDI: CVE-2024-43639 - Windows Kerberos Remote Code Execution Vulnerability. I don’t often get excited about bugs (ok – that’s a lie – I totally do), but this CVSS 9.8 bug excites me. The vulnerability allows a remote, unauthenticated attacker to run code on an affected system by leveraging a bug in the cryptographic protocol. No user interaction is required. Since Kerberos runs with elevated privileges, that makes this a wormable bug between affected systems. What systems are impacted? Every supported version of Windows Server. I somehow doubt this will actually be seen in the wild, but I wouldn’t take that chance. Test and deploy this fix quickly.

14. Security Feature Bypass - Chromium (CVE-2024-10229) - High [425]

Description: Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)

MS PT Extended: CVE-2024-10229 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

15. Authentication Bypass - Microsoft Dataverse (CVE-2024-38139) - High [420]

Description: Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

MS PT Extended: CVE-2024-38139 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

16. Remote Code Execution - Windows Telephony Service (CVE-2024-43620) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

17. Remote Code Execution - Windows Telephony Service (CVE-2024-43621) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

18. Remote Code Execution - Windows Telephony Service (CVE-2024-43622) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

19. Remote Code Execution - Windows Telephony Service (CVE-2024-43627) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

20. Remote Code Execution - Windows Telephony Service (CVE-2024-43628) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

21. Remote Code Execution - Windows Telephony Service (CVE-2024-43635) - High [419]

Description: Windows Telephony Service Remote Code Execution Vulnerability

22. Remote Code Execution - .NET and Visual Studio (CVE-2024-43498) - High [414]

Description: .NET and Visual Studio Remote Code Execution Vulnerability

Qualys: CVE-2024-43498: .NET and Visual Studio Remote Code Execution Vulnerability A remote unauthenticated attacker may exploit this vulnerability by sending specially crafted requests to a vulnerable .NET webapp or loading a specially crafted file into a vulnerable desktop app.

Rapid7: This month brings patches for CVE-2024-43498, a critical RCE in .NET 9.0 with a CVSSv3 base score of 9.8, which is so seldom a harbinger of good news. Exploitation might mean compromise of a desktop application by loading a malicious file, but most concerningly could also describe RCE in the context of a vulnerable .NET webapp via a specially crafted request. Microsoft assesses exploitation as less likely, but there’s nothing on the advisory which obviously supports that assessment, since this is a low-complexity network attack which requires neither privileges nor user interaction. CVE-2024-43498 is surely worthy of immediate patching. It’s also never a bad idea to review other options for protection, especially for internet-exposed services.

ZDI: CVE-2024-43498 - .NET and Visual Studio Remote Code Execution Vulnerability. This is one of the bugs I say is public even though Microsoft doesn’t, as it sure looks like this issue. This is another CVSS 9.8 and would allow attackers to execute code by sending a specially crafted request to an affected .NET webapp. The attacker could also convince a target to load a specially crafted file from an affected desktop app. Either way, the resulting code execution would occur at the level of the application, so it may be paired with an EoP if it were to be seen in the wild. Definitely check your .NET and Visual Studio apps and patch them as needed.

23. Remote Code Execution - Windows SMBv3 Server (CVE-2024-43447) - High [407]

Description: Windows SMBv3 Server Remote Code Execution Vulnerability

24. Remote Code Execution - nvidia_container_toolkit (CVE-2024-0132) - High [404]

Description: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

MS PT Extended: CVE-2024-0132 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

25. Information Disclosure - OpenSSL (CVE-2024-5535) - High [400]

Description: Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a "no overlap" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.

Medium (100)

26. Information Disclosure - power_platform (CVE-2024-38190) - Medium [398]

Description: {'ms_cve_data_all': 'Power Platform Information Disclosure Vulnerability. Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.\n', 'nvd_cve_data_all': 'Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.', 'custom_cve_data_all': '', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2024-38190 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

27. Elevation of Privilege - Windows Kernel (CVE-2024-43630) - Medium [397]

Description: Windows Kernel Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

28. Elevation of Privilege - Windows Win32k (CVE-2024-43636) - Medium [397]

Description: Win32k Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

29. Elevation of Privilege - Chromium (CVE-2024-9956) - Medium [392]

Description: Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

MS PT Extended: CVE-2024-9956 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

30. Elevation of Privilege - Windows Hyper-V Shared Virtual Disk (CVE-2024-43624) - Medium [392]

Description: Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability

31. Denial of Service - Windows SMB (CVE-2024-43642) - Medium [386]

Description: Windows SMB Denial of Service Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

32. Elevation of Privilege - Microsoft Windows VMSwitch (CVE-2024-43625) - Medium [380]

Description: Microsoft Windows VMSwitch Elevation of Privilege Vulnerability

Qualys: CVE-2024-43625: Microsoft Windows VMSwitch Elevation of Privilege Vulnerability  A Microsoft Windows VMSwitch, or virtual switch, is a software program that allows virtual machines (VMs) to communicate with each other and physical networks. VMSwitches are available in Hyper-V Manager when the Hyper-V server role is installed. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and prepare the target environment. Upon successful exploitation, an attacker may gain SYSTEM privileges.

33. Elevation of Privilege - Windows Client-Side Caching (CVE-2024-43644) - Medium [380]

Description: Windows Client-Side Caching Elevation of Privilege Vulnerability

34. Elevation of Privilege - Windows DWM Core Library (CVE-2024-43629) - Medium [380]

Description: Windows DWM Core Library Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

35. Elevation of Privilege - Windows Kernel-Mode Driver (CVE-2024-43640) - Medium [380]

Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

36. Elevation of Privilege - Windows NT OS Kernel (CVE-2024-43623) - Medium [380]

Description: Windows NT OS Kernel Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

37. Elevation of Privilege - Windows Registry (CVE-2024-43452) - Medium [380]

Description: Windows Registry Elevation of Privilege Vulnerability

38. Elevation of Privilege - Windows Registry (CVE-2024-43641) - Medium [380]

Description: Windows Registry Elevation of Privilege Vulnerability

39. Elevation of Privilege - Windows Telephony Service (CVE-2024-43626) - Medium [380]

Description: Windows Telephony Service Elevation of Privilege Vulnerability

40. Elevation of Privilege - Windows Update Stack (CVE-2024-43530) - Medium [380]

Description: Windows Update Stack Elevation of Privilege Vulnerability

41. Elevation of Privilege - Windows Win32 Kernel Subsystem (CVE-2024-49046) - Medium [380]

Description: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

42. Remote Code Execution - Azure CycleCloud (CVE-2024-43602) - Medium [380]

Description: Azure CycleCloud Remote Code Execution Vulnerability

Tenable: To exploit this vulnerability, an unauthenticated attacker needs to leverage a cryptographic protocol vulnerability in order to achieve RCE. No further details were provided by Microsoft about this vulnerability at the time this blog was published.CVE-2024-43602 is a RCE vulnerability in Microsoft’s Azure CycleCloud, a tool that helps in managing and orchestrating High Performance Computing (HPC) environments in Azure. This flaw received the highest CVSSv3 score of the month, a 9.9 and was rated as important. A user with basic permissions could exploit CVE-2024-43602 by sending specially crafted requests to a vulnerable AzureCloud CycleCloud cluster to modify its configuration. Successful exploitation would result in the user gaining root permissions, which could then be used to execute commands on any cluster in the Azure CycleCloud as well as steal admin credentials.

43. Spoofing - Microsoft Exchange (CVE-2024-49040) - Medium [380]

Description: Microsoft Exchange Server Spoofing Vulnerability

Qualys: CVE-2024-49040: Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server is a mail and calendaring server that runs exclusively on Windows. Exchange Server includes calendaring software, email, and a place to manage contacts. Microsoft has not provided any information about the vulnerability.

Tenable: CVE-2024-49040 | Microsoft Exchange Server Spoofing Vulnerability

Tenable: CVE-2024-49040 is a spoofing vulnerability affecting Microsoft Exchange Server 2016 and 2019. It was assigned a CVSSv3 score of 7.5 and rated as important. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available. After applying the update, administrators should review the support article Exchange Server non-RFC compliant P2 FROM header detection. The supplemental guide notes that as part of a “secure by default” approach, the Exchange Server update for November will flag suspicious emails which may contain “malicious patterns in the P2 FROM header.” While this feature can be disabled, Microsoft strongly recommends leaving it enabled to provide further protection from phishing attempts and malicious emails.

Rapid7: It’s been a few months since we’ve seen any security patches for Exchange, but the streak is now broken with a zero-day vulnerability. Mailserver admins should be paying attention to CVE-2024-49040, which is a publicly disclosed spoofing vulnerability. The specific weakness is CWE-451: User Interface (UI) Misrepresentation of Critical Information, which is often associated with phishing attacks, as well as browser vulnerabilities, and can describe a wide range of misdeeds, from visual truncation and UI overlay to homograph abuse. Microsoft does not yet claim knowledge of in-the-wild exploitation.

Rapid7: The advisory for CVE-2024-49040 hints that post-patching actions may be required for remediation of CVE-2024-49040, and links to further information in a separate article titled “Exchange Server non-RFC compliant P2 FROM header detection”. A careful read of the article doesn’t appear to list any mandatory post-patching actions; instead, there is an optional extra mitigation strategy action around Exchange Transport Rules, as well as an encouragingly detailed explanation of the protection offered by today’s patches. The article showcases that an Exchange-connected email client such as Outlook might display a forged sender as if it were legitimate, which we can all agree is not a good outcome. Attackers don’t have to look far to find other vulnerabilities to chain with this one, since today’s sibling zero-day vulnerability CVE-2024-43451 is certainly an option. On the other hand, let’s take a moment to appreciate the Exchange team’s blog title: “You Had Me at EHLO”.

Rapid7: Patches for CVE-2024-49040 are available for Exchange 2019 CU13 and CU14, as well as Exchange 2016 CU23. It’s worth remembering that both Exchange 2016 and 2019 have an extended end date of 2025-10-14, which is now less than a year away; this despite the fact that the successor for 2016 and 2019, which Microsoft is unsubtly branding as Exchange Server Subscription Edition, isn’t due for release until early in 2025 Q3. Many admins would no doubt prefer a longer upgrade window.

Rapid7: The researcher who reported CVE-2024-49040 also discovered a means to impersonate Microsoft corporate email accounts earlier this year, but went public with his findings after Microsoft dismissed his report; it appears that the relationship has been at least somewhat repaired.

44. Security Feature Bypass - Chromium (CVE-2024-9966) - Medium [377]

Description: Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

MS PT Extended: CVE-2024-9966 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

45. Security Feature Bypass - Windows Defender Application Control (WDAC) (CVE-2024-43645) - Medium [377]

Description: Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability

46. Remote Code Execution - Microsoft Excel (CVE-2024-49026) - Medium [373]

Description: Microsoft Excel Remote Code Execution Vulnerability

47. Remote Code Execution - Microsoft Excel (CVE-2024-49027) - Medium [373]

Description: Microsoft Excel Remote Code Execution Vulnerability

48. Remote Code Execution - Microsoft Excel (CVE-2024-49028) - Medium [373]

Description: Microsoft Excel Remote Code Execution Vulnerability

49. Remote Code Execution - Microsoft Excel (CVE-2024-49029) - Medium [373]

Description: Microsoft Excel Remote Code Execution Vulnerability

50. Remote Code Execution - Microsoft Excel (CVE-2024-49030) - Medium [373]

Description: Microsoft Excel Remote Code Execution Vulnerability

51. Remote Code Execution - Microsoft Office Graphics (CVE-2024-49031) - Medium [373]

Description: Microsoft Office Graphics Remote Code Execution Vulnerability

52. Remote Code Execution - Microsoft Office Graphics (CVE-2024-49032) - Medium [373]

Description: Microsoft Office Graphics Remote Code Execution Vulnerability

53. Remote Code Execution - SQL Server Native Client (CVE-2024-38255) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

54. Remote Code Execution - SQL Server Native Client (CVE-2024-43459) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

55. Remote Code Execution - SQL Server Native Client (CVE-2024-43462) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

56. Remote Code Execution - SQL Server Native Client (CVE-2024-48993) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

57. Remote Code Execution - SQL Server Native Client (CVE-2024-48994) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

58. Remote Code Execution - SQL Server Native Client (CVE-2024-48995) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

59. Remote Code Execution - SQL Server Native Client (CVE-2024-48996) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

60. Remote Code Execution - SQL Server Native Client (CVE-2024-48997) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

61. Remote Code Execution - SQL Server Native Client (CVE-2024-48998) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

62. Remote Code Execution - SQL Server Native Client (CVE-2024-48999) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

63. Remote Code Execution - SQL Server Native Client (CVE-2024-49000) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

64. Remote Code Execution - SQL Server Native Client (CVE-2024-49001) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

65. Remote Code Execution - SQL Server Native Client (CVE-2024-49002) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

66. Remote Code Execution - SQL Server Native Client (CVE-2024-49003) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

67. Remote Code Execution - SQL Server Native Client (CVE-2024-49004) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

68. Remote Code Execution - SQL Server Native Client (CVE-2024-49005) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

69. Remote Code Execution - SQL Server Native Client (CVE-2024-49006) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

70. Remote Code Execution - SQL Server Native Client (CVE-2024-49007) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

71. Remote Code Execution - SQL Server Native Client (CVE-2024-49008) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

72. Remote Code Execution - SQL Server Native Client (CVE-2024-49009) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

73. Remote Code Execution - SQL Server Native Client (CVE-2024-49010) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

74. Remote Code Execution - SQL Server Native Client (CVE-2024-49011) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

75. Remote Code Execution - SQL Server Native Client (CVE-2024-49012) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

76. Remote Code Execution - SQL Server Native Client (CVE-2024-49013) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

77. Remote Code Execution - SQL Server Native Client (CVE-2024-49014) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

78. Remote Code Execution - SQL Server Native Client (CVE-2024-49015) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

79. Remote Code Execution - SQL Server Native Client (CVE-2024-49016) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

80. Remote Code Execution - SQL Server Native Client (CVE-2024-49017) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

81. Remote Code Execution - SQL Server Native Client (CVE-2024-49018) - Medium [369]

Description: SQL Server Native Client Remote Code Execution Vulnerability

82. Remote Code Execution - Visual Studio Code Python Extension (CVE-2024-49050) - Medium [369]

Description: Visual Studio Code Python Extension Remote Code Execution Vulnerability

83. Elevation of Privilege - Windows Secure Kernel Mode (CVE-2024-43631) - Medium [368]

Description: Windows Secure Kernel Mode Elevation of Privilege Vulnerability

84. Elevation of Privilege - Windows Secure Kernel Mode (CVE-2024-43646) - Medium [368]

Description: Windows Secure Kernel Mode Elevation of Privilege Vulnerability

85. Elevation of Privilege - Windows USB Video Class System Driver (CVE-2024-43449) - Medium [368]

Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

86. Elevation of Privilege - Windows USB Video Class System Driver (CVE-2024-43634) - Medium [368]

Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

87. Elevation of Privilege - Windows USB Video Class System Driver (CVE-2024-43637) - Medium [368]

Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

88. Elevation of Privilege - Windows USB Video Class System Driver (CVE-2024-43638) - Medium [368]

Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

89. Elevation of Privilege - Windows USB Video Class System Driver (CVE-2024-43643) - Medium [368]

Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability

90. Memory Corruption - Chromium (CVE-2024-10230) - Medium [365]

Description: Chromium: CVE -2024-10230 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10230 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

91. Memory Corruption - Chromium (CVE-2024-10231) - Medium [365]

Description: Chromium: CVE -2024-10231 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10231 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

92. Memory Corruption - Chromium (CVE-2024-9954) - Medium [365]

Description: Chromium: CVE-2024-9954 Use after free in AI. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-9954 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

93. Security Feature Bypass - Chromium (CVE-2024-9963) - Medium [365]

Description: Chromium: CVE-2024-9963 Insufficient data validation in Downloads. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-9963 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

94. Remote Code Execution - LightGBM (CVE-2024-43598) - Medium [357]

Description: LightGBM Remote Code Execution Vulnerability

95. Remote Code Execution - Microsoft SQL Server (CVE-2024-49021) - Medium [357]

Description: Microsoft SQL Server Remote Code Execution Vulnerability

96. Remote Code Execution - Microsoft.SqlServer.XEvent.Configuration.dll (CVE-2024-49043) - Medium [357]

Description: Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability

ZDI: There are more than 50 other code execution bugs this month, but most of these impact SQL Server. These require an affected system to connect to a malicious SQL database, so the likelihood of exploitation is pretty low. There is one SQL bug that requires additional attention. CVE-2024-49043 requires an update to OLE DB Driver 18 or 19, but may also require third-party fixes, too. Ensure you read that one carefully and apply all the needed fixes. There are also quite a few open-and-own bugs in Office components, but none involve the Preview Pane. There are a half-dozen RCE bugs in the Telephony service. These all require the target to connect to a malicious server, but this could be done by tricking the user into sending a request to the attacker-controlled server.

97. Remote Code Execution - TorchGeo (CVE-2024-49048) - Medium [357]

Description: TorchGeo Remote Code Execution Vulnerability

98. Security Feature Bypass - Microsoft Word (CVE-2024-49033) - Medium [355]

Description: Microsoft Word Security Feature Bypass Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-43623 is an elevation of privilege vulnerability in Windows NT OS Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43630 is an elevation of privilege vulnerability in Windows Kernel. Upon successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43629 is an elevation of privilege vulnerability in Windows DWM Core Library. An attacker may exploit the vulnerability to gain SYSTEM privileges. CVE-2024-43636 is an elevation of privilege vulnerability in Win32k. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. CVE-2024-43642 is a denial-of-service vulnerability in Windows SMB. An attacker may exploit the vulnerability to create a denial-of-service (DoS) attack. CVE-2024-49033 is a security feature bypass vulnerability in Microsoft Word. Successful exploitation of the vulnerability may allow an attacker to bypass specific functionality of the Office Protected View.

99. Information Disclosure - Windows Package Library Manager (CVE-2024-38203) - Medium [352]

Description: Windows Package Library Manager Information Disclosure Vulnerability

100. Memory Corruption - Chromium (CVE-2024-10488) - Medium [341]

Description: Chromium: CVE-2024-10488 Use after free in WebRTC. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10488 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

101. Memory Corruption - Chromium (CVE-2024-10826) - Medium [341]

Description: Chromium: CVE-2024-10826 Use after free in Family Experiences. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10826 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

102. Memory Corruption - Chromium (CVE-2024-10827) - Medium [341]

Description: Chromium: CVE-2024-10827 Use after free in Serial. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-10827 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

103. Memory Corruption - Chromium (CVE-2024-9602) - Medium [341]

Description: Chromium: CVE-2024-9602 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-9602 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

104. Memory Corruption - Chromium (CVE-2024-9603) - Medium [341]

Description: Chromium: CVE-2024-9603 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-9603 was published before November 2024 Patch Tuesday from 2024-10-09 to 2024-11-11

105. Memory Corruption - Chromium (CVE-2024-9955) - Medium [341]

Description: Chromium: CVE-2024-9955 Use after free in Web Authentication. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.