Microsoft Security Response Center Blog Alerts

Information published.

Information published.

To comprehensively address CVE-2024-38033, Microsoft released security updates on December 10, 2024 for all affected versions of Windows Server 2012 and Windows Server 2012 R2.

Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.

Information published.

Information published.

Information published.

Information published.

In the Security Updates table, the following changes have been made: 1) Added Windows Server 2025 as it is affected by this vulnerability. 2) To comprehensively address CVE-2024-43583, Microsoft has released December 2024 security updates for all supported editions of Windows. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Added acknowledgements. This is an informational change only.