{"id":25452,"date":"2024-11-12T16:17:09","date_gmt":"2024-11-13T00:17:09","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/11\/12\/news-19182\/"},"modified":"2024-11-12T16:17:09","modified_gmt":"2024-11-13T00:17:09","slug":"news-19182","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/11\/12\/news-19182\/","title":{"rendered":"Microsoft Patch Tuesday, November 2024 Edition"},"content":{"rendered":"

Credit to Author: BrianKrebs| Date: Tue, 12 Nov 2024 21:59:46 +0000<\/strong><\/p>\n

Microsoft<\/strong> today released updates to plug at least 89 security holes in its Windows<\/strong> operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.<\/p>\n

\"\"<\/p>\n

The zero-day flaw tracked as CVE-2024-49039<\/a> is a bug in the Windows Task Scheduler<\/strong> that allows an attacker to increase their privileges on a Windows machine. Microsoft credits Google’s Threat Analysis Group<\/strong> with reporting the flaw.<\/p>\n

The second bug fixed this month that is already seeing in-the-wild exploitation is CVE-2024-43451<\/a>, a spoofing flaw that could reveal\u00a0Net-NTLMv2 hashes<\/a>, which are used for authentication in Windows environments.<\/p>\n

Satnam Narang<\/strong>, senior staff research engineer at Tenable<\/strong>, says the danger with stolen NTLM hashes is that they enable so-called “pass-the-hash” attacks, which let an attacker masquerade as a legitimate user without ever having to log in or know the user’s password. Narang notes that CVE-2024-43451 is the third NTLM zero-day so far this year.<\/p>\n

“Attackers continue to be adamant about discovering and exploiting zero-day vulnerabilities that can disclose NTLMv2 hashes, as they can be used to authenticate to systems and potentially move laterally within a network to access other systems,” Narang said.<\/span><\/p>\n

The two other publicly disclosed weaknesses Microsoft patched this month are CVE-2024-49019<\/a>, an elevation of privilege flaw in Active Directory Certificate Services<\/strong> (AD CS); and CVE-2024-49040<\/a>, a spoofing vulnerability in Microsoft Exchange Server<\/strong>.<\/p>\n

Ben McCarthy<\/strong>, lead cybersecurity engineer at Immersive Labs<\/strong>, called special attention to CVE-2024-43602<\/a>, a remote code execution vulnerability in Windows Kerberos<\/strong>, the authentication protocol that is heavily used in Windows domain networks.<\/p>\n

“This is one of the most threatening CVEs from this patch release,” McCarthy said. “Windows domains are used in the majority of enterprise networks, and by taking advantage of a cryptographic protocol vulnerability, an attacker can perform privileged acts on a remote machine within the network, potentially giving them eventual access to the domain controller, which is the goal for many attackers when attacking a domain.”<\/p>\n

McCarthy also pointed to CVE-2024-43498<\/a>, a remote code execution flaw in .NET<\/strong> and Visual Studio<\/strong> that could be used to install malware. This bug has earned a CVSS severity rating of 9.8 (10 is the worst).<\/p>\n

Finally, at least 29 of the updates released today tackle memory-related security issues involving SQL server<\/strong>, each of which earned a threat score of 8.8. Any one of these bugs could be used to install malware if an authenticated user connects to a malicious or hacked SQL database server.<\/p>\n

For a more detailed breakdown of today’s patches from Microsoft, check out the SANS Internet Storm Center\u2019s list<\/a>. For administrators in charge of managing larger Windows environments, it pays to keep an eye on Askwoody.com<\/a>, which frequently points out when specific Microsoft updates are creating problems for a number of users.<\/p>\n

As always, if you experience any problems applying any of these updates, consider dropping a note about it in the comments; chances are excellent that someone else reading here has experienced the same issue, and maybe even has found a solution.<\/p>\n

https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: BrianKrebs| Date: Tue, 12 Nov 2024 21:59:46 +0000<\/strong><\/p>\n

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[32124,32125,32126,32127,32128,32129,32130,20501,17220,20502,16936],"class_list":["post-25452","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-cve-2024-43451","tag-cve-2024-43602","tag-cve-2024-49019","tag-cve-2024-49039","tag-cve-2024-49040","tag-google-tag","tag-microsoft-patch-tuesday-november-2024","tag-satnam-narang","tag-security-tools","tag-tenable","tag-time-to-patch"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25452","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=25452"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25452\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=25452"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=25452"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=25452"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}