Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 1 Zero Day güvenlik açığı ve toplam 71 zafiyeti kapattı.
Kapatılan zafiyetler aşağıdaki gibi:
- 27 Elevation of Privilege Vulnerabilities
- 30 Remote Code Execution Vulnerabilities
- 7 Information Disclosure Vulnerabilities
- 5 Denial of Service Vulnerabilities
- 1 Spoofing Vulnerabilities
Aralık 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| GitHub | CVE-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | Important |
| Microsoft Defender for Endpoint | CVE-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2024-12053 | Chromium: CVE-2024-12053 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-49041 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Office | ADV240002 | Microsoft Office Defense in Depth Update | Moderate |
| Microsoft Office | CVE-2024-49059 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2024-43600 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office Access | CVE-2024-49142 | Microsoft Access Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2024-49069 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Publisher | CVE-2024-49079 | Input Method Editor (IME) Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49064 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49062 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49068 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49070 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2024-49065 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2024-49091 | Windows Domain Name Service Remote Code Execution Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2024-49117 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| System Center Operations Manager | CVE-2024-43594 | System Center Operations Manager Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2024-49114 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49090 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows File Explorer | CVE-2024-49082 | Windows File Explorer Information Disclosure Vulnerability | Important |
| Windows IP Routing Management Snapin | CVE-2024-49080 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Important |
| Windows Kernel | CVE-2024-49084 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel-Mode Drivers | CVE-2024-49074 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49121 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49124 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49112 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49113 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49127 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical |
| Windows Local Security Authority Subsystem Service (LSASS) | CVE-2024-49126 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49118 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49122 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49096 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49073 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49077 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49083 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49092 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49087 | Windows Mobile Broadband Driver Information Disclosure Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49110 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49078 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2024-49095 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2024-49097 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop | CVE-2024-49132 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49115 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49116 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49123 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49129 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2024-49075 | Windows Remote Desktop Services Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2024-49128 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49106 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49108 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49119 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49120 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Resilient File System (ReFS) | CVE-2024-49093 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49085 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49086 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49089 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49125 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49104 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49102 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Task Scheduler | CVE-2024-49072 | Windows Task Scheduler Elevation of Privilege Vulnerability | Important |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2024-49076 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49081 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49103 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49111 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49109 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49101 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49094 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49098 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49099 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| WmsRepair Service | CVE-2024-49107 | WmsRepair Service Elevation of Privilege Vulnerability | Important |
