Microsoft Monthly Security Update (December 2024)
Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| System Center |  Medium Risk | Elevation of Privilege Spoofing | |
| Microsoft Office | Medium Risk | Elevation of Privilege Information Disclosure Remote Code Execution | |
| Windows |  High Risk | Elevation of Privilege Remote Code Execution Information Disclosure Denial of Service | CVE-2024-49138 is being exploited in the wild. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
| Extended Security Updates (ESU) | High Risk | Elevation of Privilege Remote Code Execution Denial of Service Information Disclosure | CVE-2024-49138 is being exploited in the wild. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
| Developer Tools | Medium Risk | Remote Code Execution |
Number of ‘Extremely High Risk’ product(s): 0
Number of ‘High Risk’ product(s): 2
Number of ‘Medium Risk’ product(s): 3
Number of ‘Low Risk’ product(s): 0
Evaluation of overall ‘Risk Level’: High Risk
RISK: High Risk
TYPE: Operating Systems – Windows OS
Impact
- Elevation of Privilege
- Spoofing
- Information Disclosure
- Remote Code Execution
- Denial of Service
System / Technologies affected
- System Center
- Microsoft Office
- Windows
- Extended Security Updates (ESU)
- Developer Tools
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
