Microsoft patches worrying zero-day along with 71 other flaws
Zero-day was being actively used to launch attacks
- Microsoft releases final Patch Tuesday update of 2024
- It addresses 71 flaws, including an actively exploited zero-day
- This type of flaw is often used in ransomware attacks, experts claim
Microsoft has released its December Patch Tuesday cumulative update, which includes a fix for a worrying zero-day vulnerability that was being actively exploited in the wild.
The bug is described as a heap-based buffer overflow vulnerability in the Windows Common Log File System driver. It is tracked as CVE-2024-49138, and can apparently be used to fully take over vulnerable systems.
US agencies have sounded the alarm over this flaw, too. The Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities (KEV) catalog, describing it as a bug that “poses significant risks”, and urging users to apply the fix immediately.
Abused in ransomware
There is evidence that hackers are exploiting this CVE in their attacks, but we don’t know how, so whether or not it’s used in ransomware is just speculation at this point.
While undoubtedly dangerous, this heap-based buffer overflow bug is not the only one patched this time around. Microsoft fixed a total of 71 vulnerabilities, including 16 deemed critical, as they allow threat actors to remotely run arbitrary code.
In total, Microsoft fixed 27 elevation of privilege flaws, 30 RCE flaws, 7 information disclosure bugs, 5 denial of service bugs, and one spoofing vulnerability. Aside from these flaws, Microsoft also patched two Edge bugs, on December 5 and 6, BleepingComputer reports. The full list of patched flaws can be found here.
Via BleepingComputer
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
You might also like
- Microsoft's latest Patch Tuesday is here - fixes numerous flaws, some 'critical'
- Here's a list of the best antivirus
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.