[Zero-day] Microsoft's December 2024 Patch Tuesday fixes 1 zero-day vulnerability

[Zero-day] Microsoft's December 2024 Patch Tuesday fixes 1 zero-day vulnerability


Hello folks,

This is to notify you that 1 zero-day vulnerability have been fixed in this month's Patch Tuesday. Below, you can find the CVE and Patch ID details.

VULNERABLE COMPONENT
IMPACT
CVE ID
Windows Common Log File System Driver
                 Elevation of Privilege
CVE-2024-49138


This patch can be deployed to your endpoints seamlessly, using one of the following methods:

Note: Kindly ensure that a Vulnerability DB sync has been initiated and completed successfully before proceeding.

Method 1:

a. On the console, navigate to Patches > Missing Patches and create a filter.

b. The criterion for the filter should be: CVE ID - equal - <CVE ID of the respective vulnerability>.

c. Once done, the missing patches in your network, corresponding to the particular CVE ID will be listed below.


Method 2:

a. Navigate to Patches > Top-Priority Patches.

b. Select the required patches via the Patch ID.

c. Click on Install/Publish Patches to deploy them.


Here is a list of the patch IDs corresponding to the vulnerabilities:


                                                                                                 CVE-2024-49138

PATCH_ID BULLETIN_ID                                                                 PATCH_DESCRIPTION
40270MS24-DEC2

2024-12 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5048676) (ESU) (CVE-2024-49138)
40271MS24-DEC2

2024-12 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB5048744) (ESU) (CVE-2024-49138)
40272MS24-DEC2

2024-12 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5048744) (ESU) (CVE-2024-49138)
40273MS24-DEC6

2024-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5048695) (ESU) (CVE-2024-49138)
40274MS24-DEC6

2024-12 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5048710) (ESU) (CVE-2024-49138)
40275MS24-DEC6

2024-12 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB5048710) (ESU) (CVE-2024-49138)
40276MS24-DEC6

2024-12 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5048735) (ESU) (CVE-2024-49138)
40277MS24-DEC6

2024-12 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5048699) (ESU) (CVE-2024-49138)

40278

MS24-DEC3

2024-12 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5048685) (CVE-2024-49138)

40280

MS24-DEC3

2024-12 Cumulative Update for Windows 11 Version 23H2 for x64-based Systems (KB5048685) (CVE-2024-49138)

40282

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5048652) (CVE-2024-49138)

40283

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5048652) (CVE-2024-49138)

40284

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5048652) (CVE-2024-49138)

40285

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5048652) (CVE-2024-49138)

40286

MS24-DEC3

2024-12 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5048654) (CVE-2024-49138)

40287

MS24-DEC3

2024-12 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5048661) (CVE-2024-49138)

40288

MS24-DEC32024-12 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5048661) (CVE-2024-49138)
40289MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5048661) (CVE-2024-49138)

40290MS24-DEC3

2024-12 Cumulative Update for Microsoft server operating system version 24H2 for x64-based Systems (KB5048667)
40291MS24-DEC3

2024-12 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5048667) (CVE-2024-49138)

40293

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5048671) (CVE-2024-49138)

40294

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5048671) (CVE-2024-49138)

40295

MS24-DEC3

2024-12 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5048671) (CVE-2024-49138)

40296

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5048703) (CVE-2024-49138)

40297

MS24-DEC3

2024-12 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5048703) (CVE-2024-49138



Cheers,
The ManageEngine Team.




        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial


                          Related Products