Microsoft’s Final 2024 Patch: 72 Flaws Fixed, One Under Attack
Microsoft has released the final security updates of 2024, addressing 72 vulnerabilities, including one that is actively exploited. Among these, 17 are classified as critical, 54 as important, and one as moderate in severity. Of the total, 31 vulnerabilities involve remote code execution, while 27 enable privilege escalation.
Particular attention is drawn to CVE-2024-49138, a vulnerability with a CVSS rating of 7.8, discovered in the Windows Common Log File System (CLFS) driver. This flaw allows attackers to obtain system-level privileges. Microsoft extended its gratitude to CrowdStrike for identifying the issue.
CVE-2024-49138 marks the fifth exploit in CLFS since 2022. Experts note that ransomware operators favor exploiting such vulnerabilities as they facilitate swift network infiltration for data theft and encryption.
To bolster CLFS security, Microsoft has introduced hashed message authentication codes (HMAC) to log files, a measure that prevents unauthorized file modifications by anyone other than the CLFS driver itself.
The update also resolves a critical vulnerability, CVE-2024-49112, with a CVSS score of 9.8, linked to the LDAP protocol, as well as other serious issues, including remote code execution flaws in Windows Hyper-V and the Remote Desktop Client.
Amid increasing attack activity, Microsoft continues to phase out the NTLM protocol, replacing it with the more secure Kerberos. Additionally, Extended Protection for Authentication (EPA) has been enabled by default for Exchange Server, AD CS, and LDAP.
In the forthcoming Windows Server 2025, NTLM will be entirely eliminated, and LDAP will require a secure communication channel. These measures underscore Microsoft’s commitment to strengthening default security policies.
As the year draws to a close, Microsoft reinforces the defenses of its products, setting an example of the importance of proactive cybersecurity measures. With this update, akin to a holiday gift, the company addresses critical vulnerabilities and takes significant steps toward a more secure digital future.
