Microsoft December 2024 Patch Tuesday – 71 Vulnerabilities Fixed, Including 1 Zero-day & 30 RCEs

Microsoft released a security as part of the December Patch Tuesday that addressed 72 vulnerabilities, including 30 classified as critical Remote Code Execution (RCE) vulnerabilities.

These fixes are crucial for securing Windows operating systems and related software against potential exploitation.

Key Highlights of December 2024 Patch Tuesday Updates:

A recent security update has addressed a total of 71 vulnerabilities across various platforms,, including 30 remote code execution vulnerabilities and 28 elevation of privilege vulnerabilities, which represent critical risks to system security.

Additionally, it resolves 4 denial of service vulnerabilities, 1 spoofing vulnerability, and 7 information disclosure vulnerabilities. The update also includes 1 defense-in-depth improvement, further enhancing overall system protection.

Additionally, the update resolved other issues, such as the elevation of privilege vulnerabilities, security feature bypasses, and more.

The affected platforms include a wide range of Windows versions, from modern systems like Windows 11 and Windows 10 to older systems such as Windows Server 2008 and various Windows Server variants.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Zero-day Vulnerability Exploited

CVE-2024-49138 is a zero-day vulnerability that was actively exploited before being patched in Microsoft's December 2024 Patch Tuesday update. This critical security flaw affects the Windows Common Log File System Driver and is classified as an Elevation of Privilege vulnerability.

The vulnerability was discovered by the Advanced Research Team at CrowdStrike. It allows attackers to gain SYSTEM privileges on Windows devices, potentially giving them full control over the affected system.

While it's confirmed that the vulnerability was actively exploited in the wild, specific details about the exploitation methods have not been disclosed.

The December 2024 Patch Tuesday update includes a fix for this vulnerability, and users are strongly advised to apply the patch immediately.

Critical Remote Code Execution Vulnerabilities

This month's patch includes fixes for CVE-2024-49116, a highly critical RCE vulnerability impacting multiple versions of Windows Server. Exploiting this flaw could allow attackers to execute arbitrary code remotely, potentially granting full system control.

Here are some of the products affected by CVE-2024-49116:

• Windows Server 2025 (Server Core Installation)
• Windows Server 2022, 23H2 Edition (Server Core installation)
• Windows Server 2022
• Windows Server 2019
• Windows Server 2012 R2

Additionally, an RCE vulnerability with CVE-2024-49112 impacts Windows 10 Version 1809 for both x64 and 32-bit systems.

Elevation of Privilege Vulnerabilities

Microsoft also addressed multiple Elevation of Privilege (EoP) vulnerabilities, which are critical in preventing attackers from gaining unauthorized access to higher system privileges.

Key Elevation of Privilege updates include:

• CVE-2024-49138: Affects Windows 11 Version 22H2 and Windows 10 Version 21H2 across various architectures.
• CVE-2024-49110: A significant EoP vulnerability affecting Windows Server 2025, Windows 11 Version 24H2, and other platforms.
• CVE-2024-49077: Impacts Windows Server 2022 23H2 Edition, as well as Windows 11 Version 23H2 systems.

For Windows 11, Version 22H2 addressed CVE-2024-49138 and CVE-2024-49081, targeting Elevation of Privilege risks. Version 23H2 resolved CVE-2024-49077, also related to Privilege Elevation. Additionally, Version 24H2 tackled CVE-2024-49110, a key Elevation of Privilege vulnerability.

In Windows 10, Version 22H2 fixed CVE-2024-49081, addressing Elevation of Privilege flaws. Version 21H2 resolved both CVE-2024-49081 and CVE-2024-49138 to mitigate privilege escalation threats.

For Windows Server, critical vulnerabilities were addressed in multiple versions.

• Windows Server 2025 patched CVE-2024-49116 (Remote Code Execution) and CVE-2024-49077 (Elevation of Privilege).
• Windows Server 2022 resolved both RCE and EoP vulnerabilities, including CVE-2024-49116 and CVE-2024-49081.
• Windows Server 2012 and 2012 R2 fixed CVE-2024-49088 (Elevation of Privilege) and CVE-2024-49080 (Remote Code Execution)
• Windows Server 2008 and 2008 R2 addressed critical Privilege Escalation vulnerabilities such as CVE-2024-49088.

With many vulnerabilities marked as Important or Critical, these updates are essential to prevent potential exploitation. Organizations and individuals are urged to apply these updates promptly through Windows Update or other tools to safeguard against security threats.

Microsoft's December 2024 Patch Tuesday emphasizes consistently updating systems to mitigate vulnerabilities. With cyberattacks' growing sophistication, addressing critical issues like Remote Code execution vulnerabilities and Elevation of Privilege flaws is paramount.

Apply these patches immediately through Windows Update or other deployment tools to ensure your systems are up to date. For more details, refer to Microsoft's official security update documentation.

72 Vulnerabilities Fixed in Microsoft Patch Tuesday, December 2024

Microsoft has published a complete list of patched vulnerabilities, which provides detailed information about the exploitation methods, vulnerability descriptions, and other information. 

All users should update their products to the latest version to prevent threat actors from exploiting these vulnerabilities.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN - Try for Free