Patch Tuesday Update – November 2024

Patch Tuesday Update – November 2024
2024-11-13 05:54:2 Author: securityboulevard.com(查看原文) 阅读量:6 收藏

CVE/Advisory	Title	Tag	Microsoft Severity Rating	Base Score	Microsoft Impact	Exploited	Publicly Disclosed
CVE-2024-43530	Windows Update Stack Elevation of Privilege Vulnerability	Windows Update Stack	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43602	Azure CycleCloud Remote Code Execution Vulnerability	Azure CycleCloud	Important	9.9	Remote Code Execution	No	No
CVE-2024-43623	Windows NT OS Kernel Elevation of Privilege Vulnerability	Windows NT OS Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43625	Microsoft Windows VMSwitch Elevation of Privilege Vulnerability	Windows VMSwitch	Critical	8.1	Elevation of Privilege	No	No
CVE-2024-43626	Windows Telephony Service Elevation of Privilege Vulnerability	Windows Telephony Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43627	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43628	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43630	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43631	Windows Secure Kernel Mode Elevation of Privilege Vulnerability	Windows Secure Kernel Mode	Important	6.7	Elevation of Privilege	No	No
CVE-2024-43634	Windows USB Video Class System Driver Elevation of Privilege Vulnerability	Windows USB Video Driver	Important	6.8	Elevation of Privilege	No	No
CVE-2024-43637	Windows USB Video Class System Driver Elevation of Privilege Vulnerability	Windows USB Video Driver	Important	6.8	Elevation of Privilege	No	No
CVE-2024-43638	Windows USB Video Class System Driver Elevation of Privilege Vulnerability	Windows USB Video Driver	Important	6.8	Elevation of Privilege	No	No
CVE-2024-43643	Windows USB Video Class System Driver Elevation of Privilege Vulnerability	Windows USB Video Driver	Important	6.8	Elevation of Privilege	No	No
CVE-2024-43644	Windows Client-Side Caching Elevation of Privilege Vulnerability	Windows CSC Service	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43645	Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability	Windows Defender Application Control (WDAC)	Important	6.7	Security Feature Bypass	No	No
CVE-2024-43646	Windows Secure Kernel Mode Elevation of Privilege Vulnerability	Windows Secure Kernel Mode	Important	6.7	Elevation of Privilege	No	No
CVE-2024-43447	Windows SMBv3 Server Remote Code Execution Vulnerability	Windows SMBv3 Client/Server	Important	8.1	Remote Code Execution	No	No
CVE-2024-43449	Windows USB Video Class System Driver Elevation of Privilege Vulnerability	Windows USB Video Driver	Important	6.8	Elevation of Privilege	No	No
CVE-2024-43450	Windows DNS Spoofing Vulnerability	Microsoft Windows DNS	Important	7.5	Spoofing	No	No
CVE-2024-43451	NTLM Hash Disclosure Spoofing Vulnerability	Windows NTLM	Important	6.5	Spoofing	Yes	Yes
CVE-2024-43452	Windows Registry Elevation of Privilege Vulnerability	Windows Registry	Important	7.5	Elevation of Privilege	No	No
CVE-2024-38255	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-38264	Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability	Microsoft Virtual Hard Drive	Important	5.9	Denial of Service	No	No
CVE-2024-43459	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-43462	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48994	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48995	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48996	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49040	Microsoft Exchange Server Spoofing Vulnerability	Microsoft Exchange Server	Important	7.5	Spoofing	No	Yes
CVE-2024-49042	Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability	Azure Database for PostgreSQL	Important	7.2	Elevation of Privilege	No	No
CVE-2024-49043	Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability	SQL Server	Important	7.8	Remote Code Execution	No	No
CVE-2024-49044	Visual Studio Elevation of Privilege Vulnerability	Visual Studio	Important	6.7	Elevation of Privilege	No	No
CVE-2024-49046	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability	Windows Win32 Kernel Subsystem	Important	7.8	Elevation of Privilege	No	No
CVE-2024-49049	Visual Studio Code Remote Extension Elevation of Privilege Vulnerability	Visual Studio Code	Moderate	7.1	Elevation of Privilege	No	No
CVE-2024-49056	Airlift.microsoft.com Elevation of Privilege Vulnerability	Airlift.microsoft.com	Critical	7.3	Elevation of Privilege	No	No
CVE-2024-43598	LightGBM Remote Code Execution Vulnerability	LightGBM	Important	7.5	Remote Code Execution	No	No
CVE-2024-43613	Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability	Azure Database for PostgreSQL	Important	7.2	Elevation of Privilege	No	No
CVE-2024-43620	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43621	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43622	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43624	Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability	Role: Windows Hyper-V	Important	8.8	Elevation of Privilege	No	No
CVE-2024-43629	Windows DWM Core Library Elevation of Privilege Vulnerability	Windows DWM Core Library	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43633	Windows Hyper-V Denial of Service Vulnerability	Role: Windows Hyper-V	Important	6.5	Denial of Service	No	No
CVE-2024-43635	Windows Telephony Service Remote Code Execution Vulnerability	Windows Telephony Service	Important	8.8	Remote Code Execution	No	No
CVE-2024-43636	Win32k Elevation of Privilege Vulnerability	Windows DWM Core Library	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43639	Windows Kerberos Remote Code Execution Vulnerability	Windows Kerberos	Critical	9.8	Remote Code Execution	No	No
CVE-2024-43640	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Windows Secure Kernel Mode	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43641	Windows Registry Elevation of Privilege Vulnerability	Windows Registry	Important	7.8	Elevation of Privilege	No	No
CVE-2024-43642	Windows SMB Denial of Service Vulnerability	Windows SMB	Important	7.5	Denial of Service	No	No
CVE-2024-38203	Windows Package Library Manager Information Disclosure Vulnerability	Windows Package Library Manager	Important	6.2	Information Disclosure	No	No
CVE-2024-48993	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48997	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48998	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-48999	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49000	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49001	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49002	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49003	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49004	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49005	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49007	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49006	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49008	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49009	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49010	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49011	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49012	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49013	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49014	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49015	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49016	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49017	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49018	SQL Server Native Client Remote Code Execution Vulnerability	SQL Server	Important	8.8	Remote Code Execution	No	No
CVE-2024-49019	Active Directory Certificate Services Elevation of Privilege Vulnerability	Role: Windows Active Directory Certificate Services	Important	7.8	Elevation of Privilege	No	Yes
CVE-2024-49021	Microsoft SQL Server Remote Code Execution Vulnerability	SQL Server	Important	7.8	Remote Code Execution	No	No
CVE-2024-49026	Microsoft Excel Remote Code Execution Vulnerability	Microsoft Office Excel	Important	7.8	Remote Code Execution	No	No
CVE-2024-49027	Microsoft Excel Remote Code Execution Vulnerability	Microsoft Office Excel	Important	7.8	Remote Code Execution	No	No
CVE-2024-49028	Microsoft Excel Remote Code Execution Vulnerability	Microsoft Office Excel	Important	7.8	Remote Code Execution	No	No
CVE-2024-49029	Microsoft Excel Remote Code Execution Vulnerability	Microsoft Office Excel	Important	7.8	Remote Code Execution	No	No
CVE-2024-49030	Microsoft Excel Remote Code Execution Vulnerability	Microsoft Office Excel	Important	7.8	Remote Code Execution	No	No
CVE-2024-49031	Microsoft Office Graphics Remote Code Execution Vulnerability	Microsoft Graphics Component	Important	7.8	Remote Code Execution	No	No
CVE-2024-49032	Microsoft Office Graphics Remote Code Execution Vulnerability	Microsoft Graphics Component	Important	7.8	Remote Code Execution	No	No
CVE-2024-49033	Microsoft Word Security Feature Bypass Vulnerability	Microsoft Office Word	Important	7.5	Security Feature Bypass	No	No
CVE-2024-49039	Windows Task Scheduler Elevation of Privilege Vulnerability	Windows Task Scheduler	Important	8.8	Elevation of Privilege	Yes	No
CVE-2024-49048	TorchGeo Remote Code Execution Vulnerability	TorchGeo	Important	8.1	Remote Code Execution	No	No
CVE-2024-49050	Visual Studio Code Python Extension Remote Code Execution Vulnerability	Visual Studio Code	Important	8.8	Remote Code Execution	No	No
CVE-2024-49051	Microsoft PC Manager Elevation of Privilege Vulnerability	Microsoft PC Manager	Important	7.8	Elevation of Privilege	No	No
ADV240001	Microsoft SharePoint Server Defense in Depth Update	Microsoft Office SharePoint	None	N/A	Defense in Depth	No	No
CVE-2024-43498	.NET and Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Critical	9.8	Remote Code Execution	No	No
CVE-2024-43499	.NET and Visual Studio Denial of Service Vulnerability	.NET and Visual Studio	Important	7.5	Denial of Service	No	No

文章来源: https://securityboulevard.com/2024/11/patch-tuesday-update-november-2024/
如有侵权请联系:admin#unsafe.sh