Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The October 2024 edition of Patch Tuesday brings us 119 new fixes, with 4 rated as critical and 2 exploited. We’ve listed the most important changes below.
Microsoft Management Console Remote Code Execution Vulnerability
One of the most dangerous vulnerabilities released this month is an RCE vulnerability that has already been exploited. CVE-2024-43572 has a CVSS base score of 7.8.
Microsoft doesn’t provide a lot of details about the actual vulnerability, but it does list that it’s related to improper neutralization. Improper neutralization occurs when a program fails to correctly sanitize or escape user inputs before processing them.
Additionally, Microsoft lists that:
The security update will prevent untrusted Microsoft Saved Console (MSC) files from being opened to protect customers against the risks associated with this vulnerability.
Microsoft Office Spoofing Vulnerability
Second in line is CVE-2024-43609 with a CVSS base score of 6.5. It isn’t the most critical this month, but Microsoft has indicated it as one of the vulnerabilities that is more likely to be exploited. This is most likely due to the risk of many users interacting with malicious Office files.
Microsoft does provide two guidelines on possible mitigations, so if your update cycle isn’t quick, you can still mitigate the risk before your deployment of this month’s patches goes out.
Windows Kernel Elevation of Privilege Vulnerability
The last highlight of this month is CVE-2024-43502 with a CVSS base score of 7.1. Just like the Office vulnerability, Microsoft has indicated that this vulnerability is at higher risk of exploitation. Part of the reason could be that an attacker who successfully exploits it could gain SYSTEM privileges, which is often one of the prerequisites for further exploitation in the network.
Run the Patch Tuesday October 2024 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to show which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view, so all you need to do is look at one report, automatically added every Patch Tuesday!
Patch Tuesday October 2024 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2024-43468 | Microsoft Configuration Manager Remote Code Execution Vulnerability |
CVE-2024-43582 | Remote Desktop Protocol Server Remote Code Execution Vulnerability |
CVE-2024-43488 | Visual Studio Code extension for Arduino Remote Code Execution Vulnerability |
CVE-2024-43610 | Copilot Studio Information Disclosure Vulnerability |
CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability |
CVE-2024-38097 | Azure Monitor Agent Elevation of Privilege Vulnerability |
CVE-2024-43516 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
CVE-2024-38179 | Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability |
CVE-2024-38261 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43480 | Azure Service Fabric for Linux Remote Code Execution Vulnerability |
CVE-2024-43481 | Power BI Report Server Spoofing Vulnerability |
CVE-2024-38229 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2024-43502 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2024-43503 | Microsoft SharePoint Elevation of Privilege Vulnerability |
CVE-2024-43504 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2024-43505 | Microsoft Office Visio Remote Code Execution Vulnerability |
CVE-2024-43506 | BranchCache Denial of Service Vulnerability |
CVE-2024-43508 | Windows Graphics Component Information Disclosure Vulnerability |
CVE-2024-43513 | BitLocker Security Feature Bypass Vulnerability |
CVE-2024-43515 | Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability |
CVE-2024-43518 | Windows Telephony Server Remote Code Execution Vulnerability |
CVE-2024-43519 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
CVE-2024-43525 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43526 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43527 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2024-43529 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2024-43532 | Remote Registry Service Elevation of Privilege Vulnerability |
CVE-2024-43533 | Remote Desktop Client Remote Code Execution Vulnerability |
CVE-2024-43534 | Windows Graphics Component Information Disclosure Vulnerability |
CVE-2024-43535 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
CVE-2024-43537 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43538 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43540 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43541 | Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability |
CVE-2024-43542 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43543 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43554 | Windows Kernel-Mode Driver Information Disclosure Vulnerability |
CVE-2024-43576 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2024-43581 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability |
CVE-2024-6197 | Open Source Curl Remote Code Execution Vulnerability |
CVE-2024-43601 | Visual Studio Code for Linux Remote Code Execution Vulnerability |
CVE-2024-43604 | Outlook for Android Elevation of Privilege Vulnerability |
CVE-2024-43608 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43609 | Microsoft Office Spoofing Vulnerability |
CVE-2024-43607 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43612 | Power BI Report Server Spoofing Vulnerability |
CVE-2024-43615 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability |
CVE-2024-43616 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2024-43500 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability |
CVE-2024-20659 | Windows Hyper-V Security Feature Bypass Vulnerability |
CVE-2024-37976 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
CVE-2024-37982 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
CVE-2024-37979 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2024-37983 | Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
CVE-2024-38149 | BranchCache Denial of Service Vulnerability |
CVE-2024-38029 | Microsoft OpenSSH for Windows Remote Code Execution Vulnerability |
CVE-2024-38129 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2024-38124 | Windows Netlogon Elevation of Privilege Vulnerability |
CVE-2024-38265 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-38262 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
CVE-2024-43453 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-38212 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-30092 | Windows Hyper-V Remote Code Execution Vulnerability |
CVE-2024-43456 | Windows Remote Desktop Services Tampering Vulnerability |
CVE-2024-43483 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
CVE-2024-43484 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
CVE-2024-43485 | .NET and Visual Studio Denial of Service Vulnerability |
CVE-2024-43497 | DeepSpeed Remote Code Execution Vulnerability |
CVE-2024-43501 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
CVE-2024-43509 | Windows Graphics Component Elevation of Privilege Vulnerability |
CVE-2024-43511 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2024-43512 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
CVE-2024-43514 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
CVE-2024-43517 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability |
CVE-2024-43520 | Windows Kernel Denial of Service Vulnerability |
CVE-2024-43521 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2024-43522 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
CVE-2024-43523 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43524 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43528 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
CVE-2024-43536 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
CVE-2024-43544 | Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability |
CVE-2024-43545 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability |
CVE-2024-43546 | Windows Cryptographic Information Disclosure Vulnerability |
CVE-2024-43547 | Windows Kerberos Information Disclosure Vulnerability |
CVE-2024-43549 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43550 | Windows Secure Channel Spoofing Vulnerability |
CVE-2024-43551 | Windows Storage Elevation of Privilege Vulnerability |
CVE-2024-43552 | Windows Shell Remote Code Execution Vulnerability |
CVE-2024-43553 | NT OS Kernel Elevation of Privilege Vulnerability |
CVE-2024-43555 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43556 | Windows Graphics Component Elevation of Privilege Vulnerability |
CVE-2024-43557 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43558 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43559 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43560 | Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability |
CVE-2024-43561 | Windows Mobile Broadband Driver Denial of Service Vulnerability |
CVE-2024-43562 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
CVE-2024-43563 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
CVE-2024-43564 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43565 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
CVE-2024-43567 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2024-43570 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2024-43571 | Sudo for Windows Spoofing Vulnerability |
CVE-2024-43572 | Microsoft Management Console Remote Code Execution Vulnerability |
CVE-2024-43574 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability |
CVE-2024-43575 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2024-43584 | Windows Scripting Engine Security Feature Bypass Vulnerability |
CVE-2024-43585 | Code Integrity Guard Security Feature Bypass Vulnerability |
CVE-2024-43589 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43590 | Visual C++ Redistributable Installer Elevation of Privilege Vulnerability |
CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability |
CVE-2024-43592 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43593 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43599 | Remote Desktop Client Remote Code Execution Vulnerability |
CVE-2024-43603 | Visual Studio Collector Service Denial of Service Vulnerability |
CVE-2024-43583 | Winlogon Elevation of Privilege Vulnerability |
CVE-2024-43614 | Microsoft Defender for Endpoint for Linux Spoofing Vulnerability |
CVE-2024-43611 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
CVE-2024-43573 | Windows MSHTML Platform Spoofing Vulnerability |