CVE-2024-49112
published 2024-12-12CVE-2024-49112: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Affected
46 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.20857 | 10.0.10240.20857 |
| microsoft | windows_10_1607 | < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_10_1809 | < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_21h2 | < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_22h2 | < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20857 | 10.0.10240.20857 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_11_22h2 | < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_24h2 | < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27467 | 6.1.7601.27467 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.23016 | 6.0.6003.23016 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25222 | 6.2.9200.25222 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22318 | 6.3.9600.22318 |
| microsoft | windows_server_2016 | < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_server_2019 | < 10.0.17763.6659 | 10.0.17763.6659 |
GHSA
GHSA-ffx5-3pxp-6q4w: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
ghsa_unreviewed·2024-12-12
CVE-2024-49112 [CRITICAL] CWE-190 GHSA-ffx5-3pxp-6q4w: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Microsoft
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
vendor_msrc·2024-12-10·CVSS 9.8
CVE-2024-49112 [CRITICAL] CWE-190 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
FAQ: What actions do customers need to perform to be protected against this vulnerability?
This vulnerability affects both LDAP clients and servers running an affected version of Windows listed in the Security Updates table. Customers must apply the latest security update for their Windows version to be protected against this vulnerability.
FAQ: How could an attacker exploit this vulnerability?
A remote unauthenticated attacker who successfully exploited this vulnerability would gain the ability to execute arbitrary code within the context of the LDAP service. However successful exploitation is dependent upon what component is targeted.
In the context of exploiting a domain controller for an LDAP ser
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
blogs_bleepingcomputer·2025-01-11·CVSS 9.8
CVE-2024-49113 [CRITICAL] Fake LDAPNightmware exploit on GitHub spreads infostealer malware
## Fake LDAPNightmware exploit on GitHub spreads infostealer malware
## Bill Toulas
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server.
The tactic isn't novel, as there have been multiple documented cases of malicious tools disguised as PoC exploits on GitHub.
However, this case, discovered by Trend Micro , highlights that threat actors continue to use the tactic to trick unsuspecting users into infecting themselves with malware.
## A deceptive exploit
Trend Micro reports that the malicious GitHub repository contains a project that appears to have been forked from SafeBreach Labs' legitimate PoC for CVE-2024-49113, published on January 1, 2025.
Trendmicro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Ciberamenazas
## Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling Jan 09, 2025 Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
CVE-2024-49112 : A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-2024-
Trendmicro
Information Stealer Pretends to be LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Pretends to be LDAPNightmare (CVE-2024-49113) PoC Exploit
Cyber Threats
## Information Stealer Pretends to be LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling Jan 09, 2025 Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft's monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
CVE-2024-49112 : A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-2024-
Trendmicro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Cyberbedrohungen
## Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling Jan 09, 2025 Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
CVE-2024-49112 : A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-20
Trendmicro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Cyber Threats
# Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling
2025/01/09
Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
- CVE-2024-49112: A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
- CVE-2024-
Trendmicro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Cyber Threats
## Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling Jan 09, 2025 Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
CVE-2024-49112 : A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-2024-
Trendmicro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
blogs_trendmicro·2025-01-09·CVSS 9.8
CVE-2024-49113 [CRITICAL] Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Cyber Threats
## Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Our blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware.
By: Sarah Pearl Camiling 2025/01/09 Read time: ( words)
Save to Folio
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:
CVE-2024-49112 : A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-2024-49
Checkpoint
6th January– Threat Intelligence Report
blogs_checkpoint·2025-01-06·CVSS 9.8
CVE-2024-12356 [CRITICAL] 6th January– Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 6th January– Threat Intelligence Report
For the latest discoveries in cyber research for the week of 6th January, please download our Threat Intelligence Bulletin .
TOP ATTACKS AND BREACHES
Check Point elaborated on the US Treasury Department cyber-attack that compromised employee workstations and classified documents. The breach, attributed to a China state-sponsored threat actor, involved unauthorized remote access using a security key from third-party provider BeyondTrust. The attackers exploited two vulnera
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Exploits y vulnerabilidades
## What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organizations need to know to stay protected against potential exploitation.
By: Trend Micro Jan 04, 2025 Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112 , a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113 , a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Exploits & Vulnerabilities
## What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organizations need to know to stay protected against potential exploitation.
By: Trend Micro Jan 04, 2025 Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112 , a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113 , a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Exploits & Vulnerabilities
## What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organisations need to know to stay protected against potential exploitation.
By: Trend Micro Jan 04, 2025 Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112 , a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113 , a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Ausnutzung von Schwachstellen
## What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organizations need to know to stay protected against potential exploitation.
By: Trend Micro Jan 04, 2025 Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112 , a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113 , a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Exploits & Vulnerabilities
# What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organizations need to know to stay protected against potential exploitation.
By: Trend Micro
2025/01/04
Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
How attackers can exploit CVE-20
Trendmicro
What We Know About CVE-2024-49112 and CVE-2024-49113
blogs_trendmicro·2025-01-04·CVSS 9.8
CVE-2024-49112 [CRITICAL] What We Know About CVE-2024-49112 and CVE-2024-49113
Exploits & Vulnerabilities
## What We Know About CVE-2024-49112 and CVE-2024-49113
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that organizations need to know to stay protected against potential exploitation.
By: Trend Micro 2025/01/04 Read time: ( words)
Save to Folio
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112 , a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113 , a denial-of-service (DoS) flaw with a 7.5 CVSS score.
This blog entry provides an overview of these two vulnerabilities and includes information that IT and SOC professionals need to know.
Krebs
Patch Tuesday, December 2024 Edition
blogs_krebs·2024-12-11·CVSS 9.8
CVE-2024-49138 [CRITICAL] Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks.
The zero-day seeing exploitation involves CVE-2024-49138 , a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that could let an authenticated attacker gain “system” level privileges on a vulnerable Windows device.
The security firm Rapid7 notes there have been a series of zero-day elevation of privilege flaws in CLFS over the past few years.
“Ransomware authors who have abused previous CLFS vulnerabilities will be only too pleased to get their hands on a fresh one,” wrote Adam Barnett , lead software engineer at Rapid7. “Expect more CLFS z
Krebs
Patch Tuesday, December 2024 Edition
blogs_krebs·2024-12-11·CVSS 9.8
CVE-2024-49138 [CRITICAL] Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks.
The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that could let an authenticated attacker gain “system” level privileges on a vulnerable Windows device.
The security firm Rapid7 notes there have been a series of zero-day elevation of privilege flaws in CLFS over the past few years.
“Ransomware authors who have abused previous CLFS vulnerabilities will be only too pleased to get their hands on a fresh one,” wrote Adam Barnett, lead software engineer at Rapid7. “Expect more CLFS zer
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
blogs_talos·2024-12-10·CVSS 8.4
CVE-2024-49112 [HIGH] Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
Microsoft assessed that exploitation of the four “critical” vulnerabilities is “less likely.”
CVE-2024-49112 is the most serious of this bunch, with a CVSS severity score of 9.8 out of 10. An attacker could exploit this vulnerability in Windows Lightweight Directory Access Protocol (LDAP) calls to execute arbitrary code within the context of the LDAP service. Additionally, CVE-2024-49124 and CVE-2024-49127 permit an unauthenticated attacker to send a specially crafted request to a vulnerable LDAP server, potentially executing the attacker's code if they succeed in a "race condition." Although the above
Qualys
Microsoft and Adobe Patch Tuesday, December 2024 Security Update Review
blogs_qualys·2024-12-10
Microsoft and Adobe Patch Tuesday, December 2024 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for December 2024
Adobe Patches for December 2024
Zero-day Vulnerabilities Patched in December Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in December Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
Rapid Response with Patch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
Qualys Monthly Webinar Series
Closing out 2024, Microsoft’s December Patch Tuesday highlights the importance of year-end maintenance with updates tackling critical vulnerabilities. As cyber threats remain persistent, these patches serve as a vital reminder of the ongoing need for
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
blogs_talos·2024-12-10·CVSS 8.4
CVE-2024-49112 [HIGH] Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
## Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
Microsoft assessed that exploitation of the four “critical” vulnerabilities is “less likely.”
CVE-2024-49112 is the most serious of this bunch, with a CVSS severity score of 9.8 out of 10. An attacker could exploit this vulnerability in Windows Lightweight Directory Access Protocol (LDAP) calls to execute arbitrary code within the context of the LDAP service. Additionally, CVE-2024-49124 and CVE-2024-49127 permit an unauthenticated attacker to send a specially crafted request to a vulnerable LDAP server, potentially exe
Bleepingcomputer
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
blogs_bleepingcomputer·2024-12-10·CVSS 7.8
[HIGH] Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
## Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
## Lawrence Abrams
27 Elevation of Privilege Vulnerabilities
30 Remote Code Execution Vulnerabilities
7 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
1 Spoofing Vulnerabilities
This count does not include two Edge flaws that were previously fixed on December 5 and 6th.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5048667 & KB5048685 cumulative updates and the Windows 10 KB5048652 cumulative update .
## One actively exploited zero-day disclosed
This month's Patch Tuesday fixes one actively exploited, publicly disclosed zero-day vulnerability.
Microsoft classifies a zero-day flaw as one that is publicly
Qualys
Critical Microsoft Vulnerabilities Patched December 2024 | Qualys
blogs_qualys·2024-12-10
Critical Microsoft Vulnerabilities Patched December 2024 | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for December 2024
- Adobe Patches for December 2024
- Zero-day Vulnerabilities Patched in December Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in December Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
- Rapid Response with Patch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
- Qualys Monthly Webinar Series
Closing out 2024, Microsoft’s December Patch Tuesday highlights the importance of year-end maintenance with updates tackling critical vulnerabilities. As cyber threats remain persistent, these patches serve as a vital reminder of the ong
Crowdstrike
December 2024 Patch Tuesday: Updates and Analysis
blogs_crowdstrike·CVSS 7.5
CVE-2026-20929 [HIGH] December 2024 Patch Tuesday: Updates and Analysis
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026
Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019
Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VI
2024-12-12
Published