- Microsoft releases final Patch Tuesday update of 2024
- It addresses 71 flaws, including an actively exploited zero-day
- This type of flaw is often used in ransomware attacks, experts claim
Microsoft has released its December Patch Tuesday cumulative update, which includes a fix for a worrying zero-day vulnerability that was being actively exploited in the wild.
The bug is described as a heap-based buffer overflow vulnerability in the Windows Common Log File System driver. It is tracked as CVE-2024-49138, and can apparently be used to fully take over vulnerable systems.
US agencies have sounded the alarm over this flaw, too. The Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities (KEV) catalog, describing it as a bug that “poses significant risks”, and urging users to apply the fix immediately.
Abused in ransomware
There is evidence that hackers are exploiting this CVE in their attacks, but we don’t know how, so whether or not it’s used in ransomware is just speculation at this point.
While undoubtedly dangerous, this heap-based buffer overflow bug is not the only one patched this time around. Microsoft fixed a total of 71 vulnerabilities, including 16 deemed critical, as they allow threat actors to remotely run arbitrary code.
In total, Microsoft fixed 27 elevation of privilege flaws, 30 RCE flaws, 7 information disclosure bugs, 5 denial of service bugs, and one spoofing vulnerability. Aside from these flaws, Microsoft also patched two Edge bugs, on December 5 and 6, BleepingComputer reports. The full list of patched flaws can be found here.
Via BleepingComputer