Microsoft Patch Tuesday – October 2024

⚡ TL;DR | Go Straight to the October 2024 Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The October 2024 edition of Patch Tuesday brings us 119 new fixes, with 4 rated as critical and 2 exploited. We’ve listed the most important changes below.

Microsoft Management Console Remote Code Execution Vulnerability

One of the most dangerous vulnerabilities released this month is an RCE vulnerability that has already been exploited. CVE-2024-43572 has a CVSS base score of 7.8.

Microsoft doesn’t provide a lot of details about the actual vulnerability, but it does list that its related to a improper neutralization. Improper neutralization occurs when a program fails to correctly sanitize or escape user inputs before processing them.

Additionally, Microsoft lists that:

The security update will prevent untrusted Microsoft Saved Console (MSC) files from being opened to protect customers against the risks associated with this vulnerability.

Microsoft Office Spoofing Vulnerability

Second in line is CVE-2024-43609 with a CVSS base score of 6.5, it isn’t the most critical this month, but Microsoft has indicated it as one of the vulnerabilities that is more likely to be exploited. This is mot likely due to the risk of many users interacting with malicious office files.

Microsoft does provide two guidelines on possible mitigations, so if you’re update cycle isn’t quick, you can still mitigate the risk before your deployment of this month’s patches go out.

Windows Kernel Elevation of Privilege Vulnerability

The last highlight of this month is CVE-2024-43502 with a CVSS base score of 7.1. Just like the Office vulnerability, Microsoft has indicate that this vulnerability is at higher risk of exploitation. The fact that an attacker who successfully exploits this vulnerability could gain SYSTEM privileges could be part of the reason as it’s often one of the prerequisites to conitnue further exploitation in the network.

Run the Patch Tuesday October 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday October 2024 CVE Codes & Titles

CVE Number	CVE Title
CVE-2024-43468	Microsoft Configuration Manager Remote Code Execution Vulnerability
CVE-2024-43582	Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVE-2024-43488	Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
CVE-2024-43610	Copilot Studio Information Disclosure Vulnerability
CVE-2024-37341	Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-38097	Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-43516	Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-38179	Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
CVE-2024-38261	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43480	Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2024-43481	Power BI Report Server Spoofing Vulnerability
CVE-2024-38229	.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-43502	Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43503	Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-43504	Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-43505	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43506	BranchCache Denial of Service Vulnerability
CVE-2024-43508	Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43513	BitLocker Security Feature Bypass Vulnerability
CVE-2024-43515	Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
CVE-2024-43518	Windows Telephony Server Remote Code Execution Vulnerability
CVE-2024-43519	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-43525	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43526	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43527	Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43529	Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-43532	Remote Registry Service Elevation of Privilege Vulnerability
CVE-2024-43533	Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43534	Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43535	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43537	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43538	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43540	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43541	Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43542	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43543	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43554	Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43576	Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43581	Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-6197	Open Source Curl Remote Code Execution Vulnerability
CVE-2024-43601	Visual Studio Code for Linux Remote Code Execution Vulnerability
CVE-2024-43604	Outlook for Android Elevation of Privilege Vulnerability
CVE-2024-43608	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43609	Microsoft Office Spoofing Vulnerability
CVE-2024-43607	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43612	Power BI Report Server Spoofing Vulnerability
CVE-2024-43615	Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43616	Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43500	Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2024-20659	Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2024-37976	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37982	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37979	Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-37983	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-38149	BranchCache Denial of Service Vulnerability
CVE-2024-38029	Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-38129	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38124	Windows Netlogon Elevation of Privilege Vulnerability
CVE-2024-38265	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38262	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43453	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38212	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30092	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-43456	Windows Remote Desktop Services Tampering Vulnerability
CVE-2024-43483	.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2024-43484	.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2024-43485	.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-43497	DeepSpeed Remote Code Execution Vulnerability
CVE-2024-43501	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-43509	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43511	Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43512	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-43514	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-43517	Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43520	Windows Kernel Denial of Service Vulnerability
CVE-2024-43521	Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43522	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2024-43523	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43524	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43528	Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43536	Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43544	Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43545	Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-43546	Windows Cryptographic Information Disclosure Vulnerability
CVE-2024-43547	Windows Kerberos Information Disclosure Vulnerability
CVE-2024-43549	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43550	Windows Secure Channel Spoofing Vulnerability
CVE-2024-43551	Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43552	Windows Shell Remote Code Execution Vulnerability
CVE-2024-43553	NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43555	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43556	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43557	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43558	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43559	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43560	Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43561	Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43562	Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43563	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-43564	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43565	Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43567	Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43570	Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43571	Sudo for Windows Spoofing Vulnerability
CVE-2024-43572	Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-43574	Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43575	Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43584	Windows Scripting Engine Security Feature Bypass Vulnerability
CVE-2024-43585	Code Integrity Guard Security Feature Bypass Vulnerability
CVE-2024-43589	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43590	Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43591	Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
CVE-2024-43592	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43593	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43599	Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43603	Visual Studio Collector Service Denial of Service Vulnerability
CVE-2024-43583	Winlogon Elevation of Privilege Vulnerability
CVE-2024-43614	Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
CVE-2024-43611	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43573	Windows MSHTML Platform Spoofing Vulnerability