Summarizing from https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov.
Key Takeways#
In November 2024, Microsoft released 103 CVEs as part of their Patch Tuesday updates.
89newly disclosed vulnerabilities in Nov 2024 release.- Total of
2CVEs found in CISA_KEV and exploited in wild. 52remote code execution vulnerabilities (most impactful type).- Highest CVSS scored vulnerability is 9.9.
- SQL Server: There are 31 vulnerabilities in SQL Server, all of which are rated 8.8.
- Exchange: There is one vulnerability in Exchange,
CVE-2024-4904, which is an important spoofing vulnerability. - Total of
102CVEs that require customer action. (New metric starting in Aug 2024)
Highlights#
CVE-2024-43451: NTLM Hash Disclosure Spoofing VulnerabilityCVE-2024-49039: Windows Task Scheduler Elevation of Privilege VulnerabilityCVE-2024-43639: A critical remote code execution vulnerability in Windows Server.CVE-2024-38255: SQL Server, CVSS 8.8CVE-2024-43447: Windows SMBv3 Client/Server, CVSS 8.1CVE-2024-43498: .NET and Visual Studio, CVSS 9.8CVE-2024-43602: Azure CycleCloud, CVSS 9.9
Video is added later on Nov 19.
Patch_Tuesday#
$ ./patch_tuesday.py -k 2024-nov -vc
___ __ __ ______ __
/ _ \___ _/ /_____/ / /_ __/_ _____ ___ ___/ /__ ___ __
/ ___/ _ `/ __/ __/ _ \_ / / / // / -_|_-</ _ / _ `/ // /
/_/ \_,_/\__/\__/_//_(_)_/ \_,_/\__/___/\_,_/\_,_/\_, /
/___/
[*] Finish fetching [3,064,834 bytes] from https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2024-nov
[*] CISA Catalog of Known Exploited Vulnerabilities [ 2024.11.18/1217 ]
Microsoft Patch Tuesday - By MSRC
===============================================
<< November 2024 Security Updates [ 2024-11-12 ] >>
[+] Vulnerabilities : [ 103 ]
[-] High_Severity : [ 43 ]
[-] High_likelihood : [ 9 ]
[-] Exploited in_wild : [ 2 ]
[-] Action_required : [ 102 ]
[-] Found in CISA_KEV : [ 2 ]
High_Severity/43
โโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ CVE โ CVSS_Base/Temp โ Title_Value โ
โกโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฉ
โ CVE-2024-43602 โ B:9.9/T:8.6 โ Azure CycleCloud Remote Code Execution Vulnerability โ
โ CVE-2024-43627 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-43628 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-38255 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-43459 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-43462 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48994 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48995 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48996 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-5535 โ B:9.1/T:8.7 โ OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread โ
โ CVE-2024-43498 โ B:9.8/T:8.5 โ .NET and Visual Studio Remote Code Execution Vulnerability โ
โ CVE-2024-43620 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-43621 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-43622 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-43624 โ B:8.8/T:7.7 โ Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability โ
โ CVE-2024-43635 โ B:8.8/T:7.7 โ Windows Telephony Service Remote Code Execution Vulnerability โ
โ CVE-2024-48993 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48997 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48998 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-48999 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49000 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49001 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49002 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49003 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49004 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49005 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49007 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49006 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49008 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49009 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49010 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49011 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49012 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49013 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49014 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49015 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49016 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49017 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49018 โ B:8.8/T:7.7 โ SQL Server Native Client Remote Code Execution Vulnerability โ
โ CVE-2024-49039 โ B:8.8/T:8.2 [K] โ Windows Task Scheduler Elevation of Privilege Vulnerability โ
โ CVE-2024-49050 โ B:8.8/T:7.7 โ Visual Studio Code Python Extension Remote Code Execution Vulnerability โ
โ CVE-2024-49060 โ B:8.8/T:7.7 โ Azure Stack HCI Elevation of Privilege Vulnerability โ
โ CVE-2024-43639 โ B:9.8/T:8.5 โ Windows KDC Proxy Remote Code Execution Vulnerability โ
โโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
High_Likelihood/9
โโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ CVE โ CVSS_Base/Temp โ Title_Value โ
โกโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฉ
โ CVE-2024-43623 โ B:7.8/T:6.8 โ Windows NT OS Kernel Elevation of Privilege Vulnerability โ
โ CVE-2024-43630 โ B:7.8/T:6.8 โ Windows Kernel Elevation of Privilege Vulnerability โ
โ CVE-2024-49040 โ B:7.5/T:6.7 โ Microsoft Exchange Server Spoofing Vulnerability โ
โ CVE-2024-43629 โ B:7.8/T:6.8 โ Windows DWM Core Library Elevation of Privilege Vulnerability โ
โ CVE-2024-43636 โ B:7.8/T:6.8 โ Win32k Elevation of Privilege Vulnerability โ
โ CVE-2024-43642 โ B:7.5/T:6.5 โ Windows SMB Denial of Service Vulnerability โ
โ CVE-2024-49019 โ B:7.8/T:6.8 โ Active Directory Certificate Services Elevation of Privilege Vulnerability โ
โ CVE-2024-49033 โ B:7.5/T:6.5 โ Microsoft Word Security Feature Bypass Vulnerability โ
โ CVE-2024-49060 โ B:8.8/T:7.7 โ Azure Stack HCI Elevation of Privilege Vulnerability โ
โโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Exploited_in_Wild/2
โโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโโณโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ CVE โ CVSS_Base/Temp โ Title_Value โ
โกโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฉ
โ CVE-2024-43451 โ B:6.5/T:6.0 [K] โ NTLM Hash Disclosure Spoofing Vulnerability โ
โ CVE-2024-49039 โ B:8.8/T:8.2 [K] โ Windows Task Scheduler Elevation of Privilege Vulnerability โ
โโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Product Families (12)
Windows โโโโโโโโโโโโ 27
Azure โโโโโโโโโโโ 25
Microsoft Office โโโโโโโโโ 22
ESU โโโโ 10
Developer Tools โโโโ 9
SQL Server โโโ 8
Mariner โโโ 6
Server Software โ 3
System Center โ 2
Open Source Software โ 2
Browser โ 1
Apps โ 1
[*] "November 2024 Security Updates" (Rev 164)
[-] Initial Release date: 2024-11-12T08:00:00
[-] Current Release date: 2024-11-18T08:00:00
[*] [2024-11-19] main(): Completed within [9.6138 sec].
Outro#
- Tool: Patch_Tuesday at GitHub.
- Tool: CISA KEV Catalog at GitHub.