Jetzt Ausprobieren
Patch Tuesday

Microsoft Patch Tuesday – October 2024

8 min. read
09/10/2024
By Esben Dochy
Microsoft Patch Tuesday

⚡ TL;DR | Go Straight to the October 202Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The October 2024 edition of Patch Tuesday brings us 119 new fixes, with 4 rated as critical and 2 exploited. We’ve listed the most important changes below.

Microsoft Management Console Remote Code Execution Vulnerability

One of the most dangerous vulnerabilities released this month is an RCE vulnerability that has already been exploited. CVE-2024-43572 has a CVSS base score of 7.8.

Microsoft doesn’t provide a lot of details about the actual vulnerability, but it does list that its related to a improper neutralization. Improper neutralization occurs when a program fails to correctly sanitize or escape user inputs before processing them.

Additionally, Microsoft lists that:

The security update will prevent untrusted Microsoft Saved Console (MSC) files from being opened to protect customers against the risks associated with this vulnerability.

Microsoft Office Spoofing Vulnerability

Second in line is CVE-2024-43609 with a CVSS base score of 6.5, it isn’t the most critical this month, but Microsoft has indicated it as one of the vulnerabilities that is more likely to be exploited. This is mot likely due to the risk of many users interacting with malicious office files.

Microsoft does provide two guidelines on possible mitigations, so if you’re update cycle isn’t quick, you can still mitigate the risk before your deployment of this month’s patches go out.

Windows Kernel Elevation of Privilege Vulnerability

The last highlight of this month is CVE-2024-43502 with a CVSS base score of 7.1. Just like the Office vulnerability, Microsoft has indicate that this vulnerability is at higher risk of exploitation. The fact that an attacker who successfully exploits this vulnerability could gain SYSTEM privileges could be part of the reason as it’s often one of the prerequisites to conitnue further exploitation in the network.

Run the Patch Tuesday October 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday October 2024 CVE Codes & Titles

CVE NumberCVE Title
CVE-2024-43468Microsoft Configuration Manager Remote Code Execution Vulnerability
CVE-2024-43582Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVE-2024-43488Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
CVE-2024-43610Copilot Studio Information Disclosure Vulnerability
CVE-2024-37341Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-38097Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-43516Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-38179Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
CVE-2024-38261Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43480Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2024-43481Power BI Report Server Spoofing Vulnerability
CVE-2024-38229.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-43502Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43503Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-43504Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-43505Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43506BranchCache Denial of Service Vulnerability
CVE-2024-43508Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43513BitLocker Security Feature Bypass Vulnerability
CVE-2024-43515Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
CVE-2024-43518Windows Telephony Server Remote Code Execution Vulnerability
CVE-2024-43519Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-43525Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43526Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43527Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43529Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-43532Remote Registry Service Elevation of Privilege Vulnerability
CVE-2024-43533Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43534Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43535Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43537Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43538Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43540Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43541Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43542Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43543Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43554Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43576Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43581Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-6197Open Source Curl Remote Code Execution Vulnerability
CVE-2024-43601Visual Studio Code for Linux Remote Code Execution Vulnerability
CVE-2024-43604Outlook for Android Elevation of Privilege Vulnerability
CVE-2024-43608Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43609Microsoft Office Spoofing Vulnerability
CVE-2024-43607Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43612Power BI Report Server Spoofing Vulnerability
CVE-2024-43615Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43616Microsoft Office Remote Code Execution Vulnerability
CVE-2024-43500Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2024-20659Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2024-37976Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37982Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37979Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-37983Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-38149BranchCache Denial of Service Vulnerability
CVE-2024-38029Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-38129Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38124Windows Netlogon Elevation of Privilege Vulnerability
CVE-2024-38265Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38262Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43453Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38212Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30092Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-43456Windows Remote Desktop Services Tampering Vulnerability
CVE-2024-43483.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2024-43484.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2024-43485.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-43497DeepSpeed Remote Code Execution Vulnerability
CVE-2024-43501Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-43509Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43511Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43512Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-43514Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-43517Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43520Windows Kernel Denial of Service Vulnerability
CVE-2024-43521Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43522Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2024-43523Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43524Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43528Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43536Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43544Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
CVE-2024-43545Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
CVE-2024-43546Windows Cryptographic Information Disclosure Vulnerability
CVE-2024-43547Windows Kerberos Information Disclosure Vulnerability
CVE-2024-43549Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43550Windows Secure Channel Spoofing Vulnerability
CVE-2024-43551Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43552Windows Shell Remote Code Execution Vulnerability
CVE-2024-43553NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43555Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43556Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43557Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43558Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43559Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43560Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43561Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43562Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43563Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-43564Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43565Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43567Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43570Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43571Sudo for Windows Spoofing Vulnerability
CVE-2024-43572Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-43574Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43575Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43584Windows Scripting Engine Security Feature Bypass Vulnerability
CVE-2024-43585Code Integrity Guard Security Feature Bypass Vulnerability
CVE-2024-43589Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43590Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43591Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
CVE-2024-43592Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43593Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43599Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43603Visual Studio Collector Service Denial of Service Vulnerability
CVE-2024-43583Winlogon Elevation of Privilege Vulnerability
CVE-2024-43614Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
CVE-2024-43611Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-43573Windows MSHTML Platform Spoofing Vulnerability