Microsoft Windows 11 and Windows 10 Updated With Fix for Actively Exploited Zero 40wt Day Vulnerability

Microsoft has patched a publicly disclosed zero-day vulnerability that was actively exploited to gain system-level privileges on Windows PCs. 646i32

Written by David Delima | Updated: 11 December 2024 12:32 IST

Microsoft Windows 11 and Windows 10 Updated With Fix for Actively Exploited Zero-Day Vulnerability

Photo Credit: Microsoft 3a34u

PCs running Windows 11 and Windows 10 will receive mandatory updates with fixes for the flaws

Highlights

Microsoft has fixed several critical Windows security flaws
Both Windows 11 and Windows 10 have received security fixes
Microsoft has released patches for 71 security vulnerabilities

ment

Microsoft has rolled out its latest security updates as part of the December 2024 Patch Tuesday release, and s with Windows laptops and desktop computers should update their systems as soon as possible. According to the company's release notes, the latest security updates fix a publicly disclosed, actively exploited zero-day vulnerability. It also includes fixes for 30 remote code execution vulnerabilities — of these, 16 are designated as critical — and 41 other security flaws related to operating system components.

Microsoft Fixes Zero-Day Vulnerability Discovered by Crowdstrike l2f9

The security updates rolled out by Microsoft on Tuesday (via BleepingComputer) include a fix for CVE-2024-49138 (Windows Common Log File System Driver Elevation of Privilege Vulnerability), which is a publicly disclosed zero-day vulnerability that was actively exploited, according to the company.

The flaw allowed attackers to gain access to system-level privileges on an affected Windows PC, and was discovered by Crowdstrike's Advanced Research Team. Details on how the flaw was exploited were not provided by Microsoft, presumably to ensure that s have enough time to install the latest security updates.

Samsung is Ending for DeX for PC With One UI 7

In addition to the fixes for the actively exploited zero-day vulnerability, Microsoft has also patched a total of 71 flaws affecting various Windows components. This includes 30 remote code execution vulnerabilities, out of which 16 have a 'Critical' severity rating, and 27 vulnerabilities that would enable attackers to gain elevated privileges on an unpatched Windows PC.

The latest security updates for Windows also include patches for flaws in third party products. Vendors like Adobe, Cisco, OpenWrt, and SAP have issued security updates, while the US Cybersecurity and Infrastructure Security Agency (CISA) has published advisories on vulnerabilities in industrial control systems from various companies.

s with Windows 10 will need to install the KB5048652 (22H2) update.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Windows

David Delima

Email David Delima

As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be ed via email at [email protected], on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More