Today’s VERT Alert addresses Microsoft’s December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
The only vulnerability that has been publicly disclosed and exploited this month is CVE-2024-49138, a vulnerability in the Windows Common Log File System Driver. Successful exploitation of this privilege escalation vulnerability would grant the attacker SYSTEM level permissions. Microsoft has reported this vulnerability as Exploitation Detected.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also color coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
| Tag | CVE Count | CVEs |
| System Center Operations Manager | 1 | CVE-2024-43594 |
| Microsoft Defender for Endpoint | 1 | CVE-2024-49057 |
| Microsoft Office | 2 | CVE-2024-49059, CVE-2024-43600 |
| Microsoft Office SharePoint | 4 | CVE-2024-49064, CVE-2024-49068, CVE-2024-49070, CVE-2024-49062 |
| Microsoft Office Excel | 1 | CVE-2024-49069 |
| Windows Mobile Broadband | 7 | CVE-2024-49073, CVE-2024-49087, CVE-2024-49092, CVE-2024-49077, CVE-2024-49078, CVE-2024-49083, CVE-2024-49110 |
| Windows Kernel-Mode Drivers | 1 | CVE-2024-49074 |
| Windows Kernel | 1 | CVE-2024-49084 |
| Windows Routing and Remote Access Service (RRAS) | 6 | CVE-2024-49085, CVE-2024-49086, CVE-2024-49089, CVE-2024-49102, CVE-2024-49104, CVE-2024-49125 |
| Role: DNS Server | 1 | CVE-2024-49091 |
| Windows Resilient File System (ReFS) | 1 | CVE-2024-49093 |
| Windows Wireless Wide Area Network Service | 8 | CVE-2024-49094, CVE-2024-49098, CVE-2024-49099, CVE-2024-49101, CVE-2024-49103, CVE-2024-49111, CVE-2024-49081, CVE-2024-49109 |
| Windows Message Queuing | 3 | CVE-2024-49096, CVE-2024-49122, CVE-2024-49118 |
| Windows PrintWorkflowUserSvc | 2 | CVE-2024-49097, CVE-2024-49095 |
| Windows Remote Desktop Services | 10 | CVE-2024-49106, CVE-2024-49108, CVE-2024-49115, CVE-2024-49119, CVE-2024-49120, CVE-2024-49123, CVE-2024-49129, CVE-2024-49075, CVE-2024-49116, CVE-2024-49128 |
| WmsRepair Service | 1 | CVE-2024-49107 |
| Role: Windows Hyper-V | 1 | CVE-2024-49117 |
| Windows LDAP - Lightweight Directory Access Protocol | 5 | CVE-2024-49121, CVE-2024-49124, CVE-2024-49112, CVE-2024-49113, CVE-2024-49127 |
| Windows Local Security Authority Subsystem Service (LSASS) | 1 | CVE-2024-49126 |
| Windows Remote Desktop | 1 | CVE-2024-49132 |
| Microsoft Office Access | 1 | CVE-2024-49142 |
| Microsoft Edge (Chromium-based) | 2 | CVE-2024-12053, CVE-2024-49041 |
| GitHub | 1 | CVE-2024-49063 |
| Microsoft Office Word | 1 | CVE-2024-49065 |
| Windows Task Scheduler | 1 | CVE-2024-49072 |
| Windows Virtualization-Based Security (VBS) Enclave | 1 | CVE-2024-49076 |
| Microsoft Office Publisher | 1 | CVE-2024-49079 |
| Windows IP Routing Management Snapin | 1 | CVE-2024-49080 |
| Windows File Explorer | 1 | CVE-2024-49082 |
| Windows Common Log File System Driver | 3 | CVE-2024-49088, CVE-2024-49090, CVE-2024-49138 |
| Windows Cloud Files Mini Filter Driver | 1 | CVE-2024-49114 |
Other Information
At the time of publication, there were no new advisories included with the December Security Guidance.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.
