November, 2024: Patch Tuesday - 3 Zero Days!

Welcome to my November Patch Tuesday newsletter. Today Microsoft released updates for 90 CVE's. Since our last Patch Tuesday newsletter last month there are also an additional 35 updates totaling 125 CVE's patched this month. Of these we have 3 that are zero days:

CVE-2024-43451 and CVE-2024-49040 are both spoofing vulnerabilities. CVE-2024-49040 affects Exchange 2016 and 2019. CVE-2024-43451 affects Windows OS's including the latest Server 2025. CVE-2024-49019 is an elevation of privilege also affecting all flavors of Windows OS's. Microsoft rates these three as only "Important" severity but get these updated as soon as you can.

One thing to keep in mind is that CVE's from previous months are now public as well. We have CVE-2024-38202 from August and also CVE-2024-43583 and CVE-2024-6197 from last month. So please, please, please, if you haven't deployed these updates from the previous months, do so ASAP.

Of this months patches only 8 are critical and 88 important. CVE-2024-43639 and CVE-2024-43498 are the two highest rated critical updates with CVSS scores of 9.8. So you'll want to update these ASAP as well.

Patch data provided by:

LOGbinder.com

Technology

Products Affected

Severity

Reference

Workaround/ Exploited / Publicly Disclosed

Vulnerability Info

Windows

Windows 10, 11

Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations

Critical

CVE-2024-38203
CVE-2024-38264
CVE-2024-43447
CVE-2024-43449
CVE-2024-43450
CVE-2024-43451*
CVE-2024-43452
CVE-2024-43530
CVE-2024-43620
CVE-2024-43621
CVE-2024-43622
CVE-2024-43623
CVE-2024-43624
CVE-2024-43625
CVE-2024-43626
CVE-2024-43627
CVE-2024-43628
CVE-2024-43629
CVE-2024-43630
CVE-2024-43631
CVE-2024-43633
CVE-2024-43634
CVE-2024-43635
CVE-2024-43636
CVE-2024-43637
CVE-2024-43638
CVE-2024-43639
CVE-2024-43640
CVE-2024-43641
CVE-2024-43642
CVE-2024-43643
CVE-2024-43644
CVE-2024-43645
CVE-2024-43646
CVE-2024-49019*
CVE-2024-49039
CVE-2024-49046

Workaround: No
Exploited: Yes
Public: Yes*

Denial of Service

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

Edge

Chromium-based

Moderate

CVE-2024-10229
CVE-2024-10230
CVE-2024-10231
CVE-2024-10487
CVE-2024-10488
CVE-2024-10826
CVE-2024-10827
CVE-2024-43566
CVE-2024-43577
CVE-2024-43578
CVE-2024-43579
CVE-2024-43580
CVE-2024-43587
CVE-2024-43595
CVE-2024-43596
CVE-2024-49023
CVE-2024-9602
CVE-2024-9603
CVE-2024-9954
CVE-2024-9955
CVE-2024-9956
CVE-2024-9957
CVE-2024-9958
CVE-2024-9959
CVE-2024-9960
CVE-2024-9961
CVE-2024-9962
CVE-2024-9963
CVE-2024-9964
CVE-2024-9965
CVE-2024-9966

Workaround: No
Exploited: No
Public: No

Remote Code Execution

Spoofing

Office

365 Apps for Enterprise

Office 2016, 2019

LTSC 2021, 2024 including for Mac

Excel/Word 2016

Online Server

Important

CVE-2024-49026
CVE-2024-49027
CVE-2024-49028
CVE-2024-49029
CVE-2024-49030
CVE-2024-49031
CVE-2024-49032
CVE-2024-49033
CVE-2024-43609
CVE-2024-43616

Workaround: No
Exploited: No
Public: No

Remote Code Execution

Security Feature Bypass

SharePoint

Enterprise Server 2016

Server 2019

Server Subscription Edition

None Listed

ADV240001

Workaround: No
Exploited: No
Public: No

Defense in Depth

SQL Server

2016 SP3 (GDR)

2016 SP3 Azure Connect Feature Pack

2017 CU31 and GDR

2019 CU29 and GDR

2022 CU15 and GDR

Important

CVE-2024-38255
CVE-2024-43459
CVE-2024-43462
CVE-2024-48993
CVE-2024-48994
CVE-2024-48995
CVE-2024-48996
CVE-2024-48997
CVE-2024-48998
CVE-2024-48999
CVE-2024-49000
CVE-2024-49001
CVE-2024-49002
CVE-2024-49003
CVE-2024-49004
CVE-2024-49005
CVE-2024-49006
CVE-2024-49007
CVE-2024-49008
CVE-2024-49009
CVE-2024-49010
CVE-2024-49011
CVE-2024-49012
CVE-2024-49013
CVE-2024-49014
CVE-2024-49015
CVE-2024-49016
CVE-2024-49017
CVE-2024-49018
CVE-2024-49021
CVE-2024-49043

Workaround: No
Exploited: No
Public: No

Remote Code Execution

Exchange

Server 2016 CU23

Server 2019 CU 13 and CU14

Important

CVE-2024-49040*

Workaround: No
Exploited: No
Public: Yes*

Spoofing

Azure

airlift.microsoft.com

CycleCloud 8.0.0 - 8.6.4

Database for PostgreSQL Flexible Server 12 - 16

Kubernetes Service Node on Azure Linux and Ubuntu Linux

Azure Functions

Critical

CVE-2024-38097
CVE-2024-38179
CVE-2024-43480
CVE-2024-43591

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

Apps

PC Manager

Important

CVE-2024-49051

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

.NET

9.0 installed on Linux, Windows, Mac OS

Critical

CVE-2024-43498
CVE-2024-43499

Workaround: No
Exploited: No
Public: No

Denial of Service

Remote Code Execution

Visual Studio

2022 17.6-17.11

Python Extension for Visual Studio Code

Code Remote - SSH Extension

Critical

CVE-2024-43498
CVE-2024-43499
CVE-2024-49044
CVE-2024-49049
CVE-2024-49050

Workaround: No
Exploited: No
Public: No

Denial of Service

Elevation of Privilege

Remote Code Execution

Mariner

Azure Linux 3.0 x64/ARM

CBL Mariner 2.0 x64/ARM

Critical

CVE-2024-0132
CVE-2024-5535

Workaround: No
Exploited: No
Public: No

Remote Code Execution

System Center

Defender for EndPoint for iOS/Android

Important

CVE-2024-5535

Workaround: No
Exploited: No
Public: No

Remote Code Execution

Spoofing

Dynamics

MS Power Platform

MS Dataverse

Critical

CVE-2024-38139
CVE-2024-38190

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Open Source Software

MS TorchGeo

LightGBM

Important

CVE-2024-43598
CVE-2024-49048

Workaround: No
Exploited: No
Public: No

Remote Code Execution