CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Published December 10, 2024
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability
Published December 10, 2024
Information published.
CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability
Published December 10, 2024
To comprehensively address CVE-2024-38033, Microsoft released security updates on December 10, 2024 for all affected versions of Windows Server 2012 and Windows Server 2012 R2.
Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
CVE-2024-49085 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49104 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49129 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49088 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Published December 10, 2024
Information published.
CVE-2024-43583 Winlogon Elevation of Privilege Vulnerability
Published December 10, 2024
In the Security Updates table, the following changes have been made: 1) Added Windows Server 2025 as it is affected by this vulnerability. 2) To comprehensively address CVE-2024-43583, Microsoft has released December 2024 security updates for all supported editions of Windows. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
