On-demand webinar: Building a secure and employee-centric digital workplace

WATCH NOW

Microsoft Patch Tuesday December 2024 - Summary

118

Patches

71

Vulnerabilities

13

Articles

6

Impacts

CVE Index for December 2024 Patch Tuesday Updates

Vulnerable Component Impact CVE ID
Windows Remote Desktop Services Remote Code Execution CVE-2024-49132
Windows Remote Desktop Services Remote Code Execution CVE-2024-49128
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution CVE-2024-49127
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution CVE-2024-49126
Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution CVE-2024-49124
Windows Remote Desktop Services Remote Code Execution CVE-2024-49123
Microsoft Message Queuing (MSMQ) Remote Code Execution CVE-2024-49122
Windows Remote Desktop Services Remote Code Execution CVE-2024-49120
Windows Remote Desktop Services Remote Code Execution CVE-2024-49119
Microsoft Message Queuing (MSMQ) Remote Code Execution CVE-2024-49118
Windows Hyper-V Remote Code Execution CVE-2024-49117
Windows Remote Desktop Services Remote Code Execution CVE-2024-49116
Windows Remote Desktop Services Remote Code Execution CVE-2024-49115
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution CVE-2024-49112
Windows Remote Desktop Services Remote Code Execution CVE-2024-49108
Windows Remote Desktop Services Remote Code Execution CVE-2024-49106
Remote Desktop Client Remote Code Execution CVE-2024-49105
Vulnerable Component Impact CVE ID
Windows Common Log File System Driver Elevation of Privilege CVE-2024-49138
CVE ID Severity Impact
CVE-2024-49125 Important Remote Code Execution
CVE-2024-49114 Important Elevation of Privilege
CVE-2024-49113 Important Denial of Service
CVE-2024-49111 Important Elevation of Privilege
CVE-2024-49110 Important Elevation of Privilege
CVE-2024-49109 Important Elevation of Privilege
CVE-2024-49129 Important Denial of Service
CVE-2024-49121 Important Denial of Service
CVE-2024-49104 Important Remote Code Execution
CVE-2024-49103 Important Information Disclosure
CVE-2024-49102 Important Remote Code Execution
CVE-2024-49101 Important Elevation of Privilege
CVE-2024-49099 Important Information Disclosure
CVE-2024-49098 Important Information Disclosure
CVE-2024-49097 Important Elevation of Privilege
CVE-2024-49096 Important Denial of Service
CVE-2024-49095 Important Elevation of Privilege
CVE-2024-49094 Important Elevation of Privilege
CVE-2024-49093 Important Elevation of Privilege
CVE-2024-49092 Important Elevation of Privilege
CVE-2024-49091 Important Remote Code Execution
CVE-2024-49090 Important Elevation of Privilege
CVE-2024-49089 Important Remote Code Execution
CVE-2024-49088 Important Elevation of Privilege
CVE-2024-49087 Important Information Disclosure
CVE-2024-49086 Important Remote Code Execution
CVE-2024-49085 Important Remote Code Execution
CVE-2024-49084 Important Elevation of Privilege
CVE-2024-49083 Important Elevation of Privilege
CVE-2024-49082 Important Information Disclosure
CVE-2024-49081 Important Elevation of Privilege
CVE-2024-49080 Important Remote Code Execution
CVE-2024-49078 Important Elevation of Privilege
CVE-2024-49077 Important Elevation of Privilege
CVE-2024-49076 Important Elevation of Privilege
CVE-2024-49075 Important Denial of Service
CVE-2024-49074 Important Elevation of Privilege
CVE-2024-49073 Important Elevation of Privilege
CVE-2024-49072 Important Elevation of Privilege
CVE-2024-49057 Important Spoofing
CVE ID Severity Impact
CVE-2024-49142 Important Remote Code Execution
CVE-2024-49079 Important Remote Code Execution
CVE-2024-49070 Important Remote Code Execution
CVE-2024-49069 Important Remote Code Execution
CVE-2024-49068 Important Elevation of Privilege
CVE-2024-49065 Important Remote Code Execution
CVE-2024-49064 Important Information Disclosure
CVE-2024-49062 Important Information Disclosure
CVE-2024-49059 Important Elevation of Privilege
CVE-2024-43600 Important Elevation of Privilege
Vulnerable Component CVE ID Severity Impact
System Center Operations Manager CVE-2024-43594 Important Elevation of Privilege
WmsRepair Service CVE-2024-49107 Important Elevation of Privilege
Microsoft/Muzic CVE-2024-49063 Important Remote Code Execution

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of Microsoft applications. Coinciding with the Patch Tuesday it is also a general trend for the roll out of patch updates for other third party applications that include Adobe and Mozilla, among many others.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on December 10, 2024.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.