December 11, 2024
Microsoft responded to an actively exploited vulnerability by releasing key security updates for its products, including Windows, Office, SharePoint and Hyper-V. Because ongoing attacks have been reported, administrators of current versions of Windows Desktop and Windows Server are advised to ensure that Windows Update is enabled and the most recent security patches are installed.
Many versions of Windows 10 and Windows 11, as well as many versions of Windows Server, including 2008 and 2022, are affected by the currently exploited vulnerability (CVE-2024-49138, classified as “high” risk). A successful attacker gains elevated privileges, up to and including system-level privileges, which can cause serious damage. These attacks frequently combine several vulnerabilities to execute malicious code. Microsoft has not revealed information on the scale of these attacks or how they are carried out.
Current versions of Windows and Windows Server contain a significant vulnerability (CVE-2024-49112) that affects the Lightweight Directory Access Protocol (LDAP). There are no details yet on how these attacks take place or how administrators might recognize affected systems. Microsoft advises administrators to disconnect domain controllers from the Internet if they cannot deploy this security update in a timely manner.
Additional vulnerabilities rated as a “high” threat level have been discovered in a number of Windows components that are prone to malware attacks, such as Remote Desktop Services and Hyper-V. Office is also susceptible to malware attacks, and attackers can obtain and use data without authorization.
Microsoft also fixed a security flaw that was already under active attack during this November Patch Day.