Microsoft Kasım 2024 Patch Tuesday: 4 Zero Day 91 Zafiyet Kapatıldı

Mehmet Sait YILMAZ

Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 4 adet Zero Day güvenlik açığı ve toplam 91 zafiyeti kapattı.

Kapatılan zafiyetler aşağıdaki gibi:

4 Zero Day Kapatıldı

CVE-2024-43451 – NTLM Hash Disclosure Spoofing Vulnerability

CVE-2024-49039 – Windows Task Scheduler Elevation of Privilege Vulnerability

CVE-2024-49040 – Microsoft Exchange Server Spoofing Vulnerability

CVE-2024-49019 – Active Directory Certificate Services Elevation of Privilege Vulnerability

Kasım 2024 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2024-43499.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2024-43498.NET and Visual Studio Remote Code Execution VulnerabilityCritical
Airlift.microsoft.comCVE-2024-49056Airlift.microsoft.com Elevation of Privilege VulnerabilityCritical
Azure CycleCloudCVE-2024-43602Azure CycleCloud Remote Code Execution VulnerabilityImportant
LightGBMCVE-2024-43598LightGBM Remote Code Execution VulnerabilityImportant
Microsoft Defender for EndpointCVE-2024-5535OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overreadImportant
Microsoft Edge (Chromium-based)CVE-2024-10826Chromium: CVE-2024-10826 Use after free in Family ExperiencesUnknown
Microsoft Edge (Chromium-based)CVE-2024-10827Chromium: CVE-2024-10827 Use after free in SerialUnknown
Microsoft Exchange ServerCVE-2024-49040Microsoft Exchange Server Spoofing VulnerabilityImportant
Microsoft Graphics ComponentCVE-2024-49031Microsoft Office Graphics Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2024-49032Microsoft Office Graphics Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-49029Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-49026Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-49027Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-49028Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2024-49030Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointADV240001Microsoft SharePoint Server Defense in Depth UpdateNone
Microsoft Office WordCVE-2024-49033Microsoft Word Security Feature Bypass VulnerabilityImportant
Microsoft PC ManagerCVE-2024-49051Microsoft PC Manager Elevation of Privilege VulnerabilityImportant
Microsoft Virtual Hard DriveCVE-2024-38264Microsoft Virtual Hard Disk (VHDX) Denial of Service VulnerabilityImportant
Microsoft Windows DNSCVE-2024-43450Windows DNS Spoofing VulnerabilityImportant
Role: Windows Active Directory Certificate ServicesCVE-2024-49019Active Directory Certificate Services Elevation of Privilege VulnerabilityImportant
Role: Windows Hyper-VCVE-2024-43633Windows Hyper-V Denial of Service VulnerabilityImportant
Role: Windows Hyper-VCVE-2024-43624Windows Hyper-V Shared Virtual Disk Elevation of Privilege VulnerabilityImportant
SQL ServerCVE-2024-48998SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48997SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48993SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49001SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49000SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48999SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49043Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-43462SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48995SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48994SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-38255SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-48996SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-43459SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49002SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49013SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49014SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49011SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49012SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49015SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49018SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49021Microsoft SQL Server Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49016SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49017SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49010SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49005SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49007SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49003SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49004SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49006SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49009SQL Server Native Client Remote Code Execution VulnerabilityImportant
SQL ServerCVE-2024-49008SQL Server Native Client Remote Code Execution VulnerabilityImportant
TorchGeoCVE-2024-49048TorchGeo Remote Code Execution VulnerabilityImportant
Visual StudioCVE-2024-49044Visual Studio Elevation of Privilege VulnerabilityImportant
Visual Studio CodeCVE-2024-49050Visual Studio Code Python Extension Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2024-49049Visual Studio Code Remote Extension Elevation of Privilege VulnerabilityModerate
Windows CSC ServiceCVE-2024-43644Windows Client-Side Caching Elevation of Privilege VulnerabilityImportant
Windows Defender Application Control (WDAC)CVE-2024-43645Windows Defender Application Control (WDAC) Security Feature Bypass VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-43636Win32k Elevation of Privilege VulnerabilityImportant
Windows DWM Core LibraryCVE-2024-43629Windows DWM Core Library Elevation of Privilege VulnerabilityImportant
Windows KerberosCVE-2024-43639Windows Kerberos Remote Code Execution VulnerabilityCritical
Windows KernelCVE-2024-43630Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows NT OS KernelCVE-2024-43623Windows NT OS Kernel Elevation of Privilege VulnerabilityImportant
Windows NTLMCVE-2024-43451NTLM Hash Disclosure Spoofing VulnerabilityImportant
Windows Package Library ManagerCVE-2024-38203Windows Package Library Manager Information Disclosure VulnerabilityImportant
Windows RegistryCVE-2024-43641Windows Registry Elevation of Privilege VulnerabilityImportant
Windows RegistryCVE-2024-43452Windows Registry Elevation of Privilege VulnerabilityImportant
Windows Secure Kernel ModeCVE-2024-43631Windows Secure Kernel Mode Elevation of Privilege VulnerabilityImportant
Windows Secure Kernel ModeCVE-2024-43646Windows Secure Kernel Mode Elevation of Privilege VulnerabilityImportant
Windows Secure Kernel ModeCVE-2024-43640Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImportant
Windows SMBCVE-2024-43642Windows SMB Denial of Service VulnerabilityImportant
Windows SMBv3 Client/ServerCVE-2024-43447Windows SMBv3 Server Remote Code Execution VulnerabilityImportant
Windows Task SchedulerCVE-2024-49039Windows Task Scheduler Elevation of Privilege VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43628Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43621Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43620Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43627Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43635Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43622Windows Telephony Service Remote Code Execution VulnerabilityImportant
Windows Telephony ServiceCVE-2024-43626Windows Telephony Service Elevation of Privilege VulnerabilityImportant
Windows Update StackCVE-2024-43530Windows Update Stack Elevation of Privilege VulnerabilityImportant
Windows USB Video DriverCVE-2024-43643Windows USB Video Class System Driver Elevation of Privilege VulnerabilityImportant
Windows USB Video DriverCVE-2024-43449Windows USB Video Class System Driver Elevation of Privilege VulnerabilityImportant
Windows USB Video DriverCVE-2024-43637Windows USB Video Class System Driver Elevation of Privilege VulnerabilityImportant
Windows USB Video DriverCVE-2024-43634Windows USB Video Class System Driver Elevation of Privilege VulnerabilityImportant
Windows USB Video DriverCVE-2024-43638Windows USB Video Class System Driver Elevation of Privilege VulnerabilityImportant
Windows VMSwitchCVE-2024-43625Microsoft Windows VMSwitch Elevation of Privilege VulnerabilityCritical
Windows Win32 Kernel SubsystemCVE-2024-49046Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityImportant
Exit mobile version