Microsoft November Patch Tuesday: 4 Zero-Days & 89 Vulnerabilities Patched


Microsoft's latest Patch Tuesday update addressed 89 security vulnerabilities across its software, including four zero-day flaws, two of which are actively exploited. CVE-2024-43451 (NTLM Hash Disclosure) and CVE-2024-49039 (Windows Task Scheduler Privilege Escalation) pose significant risks, allowing remote attacks and privilege elevation, respectively. The remaining zero-days—CVE-2024-49040 (Exchange Server Spoofing) and CVE-2024-49019 (Active Directory Elevation of Privilege)—have been disclosed but not exploited. The update also includes critical patches for vulnerabilities in Windows Kerberos, Hyper-V, .NET, Visual Studio, and Azure CycleCloud. Microsoft urges immediate patching to safeguard against these threats. Other notable updates this month include patches for Citrix, SAP, Epson, and Cisco products.

Read More


thumb-image

Solutions