On-demand webinar: Building a secure and employee-centric digital workplace

WATCH NOW

Microsoft Patch Tuesday Cctober2024 - Summary

203

Patches

117

Vulnerabilities

44

Articles

7

Impacts

CVE Index for October 2024 Patch Tuesday Updates

Vulnerable Component Impact CVE ID
Remote Desktop Protocol Server Remote Code Execution CVE-2024-43582
Visual Studio Code extension for Arduino Remote Code Execution CVE-2024-43488
Microsoft Configuration Manager Remote Code Execution CVE-2024-43468
Vulnerable Component Impact CVE ID
Open Source Curl Remote Code Execution CVE-2024-6197
Winlogon Elevation of Privilege CVE-2024-43583
Windows MSHTML Platform Spoofing CVE-2024-43573
Microsoft Management Console Remote Code Execution CVE-2024-43572
Windows Hyper-V Security Feature Bypass CVE-2024-20659
CVE ID Severity Impact
CVE-2024-43615 Important Remote Code Execution
CVE-2024-43614 Important Spoofing
CVE-2024-43611 Important Remote Code Execution
CVE-2024-43608 Important Remote Code Execution
CVE-2024-43607 Important Remote Code Execution
CVE-2024-43593 Important Remote Code Execution
CVE-2024-43592 Important Remote Code Execution
CVE-2024-43589 Important Remote Code Execution
CVE-2024-43584 Important Security Feature Bypass
CVE-2024-43581 Important Remote Code Execution
CVE-2024-43575 Important Denial of Service
CVE-2024-43574 Important Remote Code Execution
CVE-2024-43571 Important Spoofing
CVE-2024-43570 Important Elevation of Privilege
CVE-2024-43567 Important Denial of Service
CVE-2024-43565 Important Denial of Service
CVE-2024-43564 Important Remote Code Execution
CVE-2024-43563 Important Elevation of Privilege
CVE-2024-43562 Important Denial of Service
CVE-2024-43561 Important Denial of Service
CVE-2024-43560 Important Elevation of Privilege
CVE-2024-43559 Important Denial of Service
CVE-2024-43558 Important Denial of Service
CVE-2024-43557 Important Denial of Service
CVE-2024-43556 Important Elevation of Privilege
CVE-2024-43555 Important Denial of Service
CVE-2024-43554 Important Information Disclosure
CVE-2024-43553 Important Elevation of Privilege
CVE-2024-43552 Important Remote Code Execution
CVE-2024-43551 Important Elevation of Privilege
CVE-2024-43550 Important Spoofing
CVE-2024-43549 Important Remote Code Execution
CVE-2024-43547 Important Information Disclosure
CVE-2024-43546 Important Information Disclosure
CVE-2024-43545 Important Denial of Service
CVE-2024-43544 Important Denial of Service
CVE-2024-43543 Important Remote Code Execution
CVE-2024-43542 Important Denial of Service
CVE-2024-43541 Important Denial of Service
CVE-2024-43540 Important Denial of Service
CVE-2024-43538 Important Denial of Service
CVE-2024-43537 Important Denial of Service
CVE-2024-43536 Important Remote Code Execution
CVE-2024-43535 Important Elevation of Privilege
CVE-2024-43534 Important Information Disclosure
CVE-2024-43529 Important Elevation of Privilege
CVE-2024-43528 Important Elevation of Privilege
CVE-2024-43527 Important Elevation of Privilege
CVE-2024-43526 Important Remote Code Execution
CVE-2024-43525 Important Remote Code Execution
CVE-2024-43524 Important Remote Code Execution
CVE-2024-43523 Important Remote Code Execution
CVE-2024-43522 Important Elevation of Privilege
CVE-2024-43521 Important Denial of Service
CVE-2024-43520 Important Denial of Service
CVE-2024-43518 Important Remote Code Execution
CVE-2024-43517 Important Remote Code Execution
CVE-2024-43516 Important Elevation of Privilege
CVE-2024-43514 Important Elevation of Privilege
CVE-2024-43513 Important Security Feature Bypass
CVE-2024-43512 Important Denial of Service
CVE-2024-43511 Important Elevation of Privilege
CVE-2024-43509 Important Elevation of Privilege
CVE-2024-43508 Important Information Disclosure
CVE-2024-43502 Important Elevation of Privilege
CVE-2024-43501 Important Elevation of Privilege
CVE-2024-43500 Important Information Disclosure
CVE-2024-43456 Important Tampering
CVE-2024-43453 Important Remote Code Execution
CVE-2024-38265 Important Remote Code Execution
CVE-2024-38262 Important Remote Code Execution
CVE-2024-38261 Important Remote Code Execution
CVE-2024-38212 Important Remote Code Execution
CVE-2024-38129 Important Elevation of Privilege
CVE-2024-38124 Important Elevation of Privilege
CVE-2024-38029 Important Remote Code Execution
CVE-2024-37983 Important Security Feature Bypass
CVE-2024-37982 Important Security Feature Bypass
CVE-2024-37979 Important Elevation of Privilege
CVE-2024-37976 Important Security Feature Bypass
CVE-2024-30092 Important Remote Code Execution
CVE-2021-1684 Important Security Feature Bypass
CVE-2021-1683 Important Security Feature Bypass
CVE-2021-1638 Important Security Feature Bypass
CVE ID Severity Impact
CVE-2024-43616 Important Remote Code Execution
CVE-2024-43609 Important Spoofing
CVE-2024-43604 Important Elevation of Privilege
CVE-2024-43576 Important Remote Code Execution
CVE-2024-43519 Important Remote Code Execution
CVE-2024-43505 Important Remote Code Execution
CVE-2024-43504 Important Remote Code Execution
CVE-2024-43503 Important Elevation of Privilege
CVE ID Severity Impact
CVE-2024-43591 Important Elevation of Privilege
CVE-2024-38179 Important Elevation of Privilege
CVE-2024-38097 Important Elevation of Privilege
Vulnerable Component CVE ID Severity Impact
.NET and Visual Studio CVE-2024-43485 Important Denial of Service
CVE-2024-38229 Important Remote Code Execution
CVE-2024-38095 Important Denial of Service
DeepSpeed CVE-2024-43497 Important Remote Code Execution
Remote Desktop Client CVE-2024-43599 Important Remote Code Execution
CVE-2024-43533 Important Remote Code Execution
Visual Studio Code for Linux CVE-2024-43601 Important Remote Code Execution
Azure Service Fabric for Linux CVE-2024-43480 Important Remote Code Execution
Code Integrity Guard CVE-2024-43585 Important Security Feature Bypass
BranchCache CVE-2024-43506 Important Denial of Service
CVE-2024-38149 Important Denial of Service
Internet Small Computer Systems Interface (iSCSI) CVE-2024-43515 Important Denial of Service
Remote Registry Service CVE-2024-43532 Important Elevation of Privilege
Power BI Report Server CVE-2024-43612 Important Spoofing
CVE-2024-43481 Important Spoofing
Visual C++ Redistributable Installer CVE-2024-43590 Important Elevation of Privilege
.NET, .NET Framework, and Visual Studio CVE-2024-43484 Important Denial of Service
CVE-2024-43483 Important Denial of Service
Visual Studio Collector Service CVE-2024-43603 Important Denial of Service

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of Microsoft applications. Coinciding with the Patch Tuesday it is also a general trend for the roll out of patch updates for other third party applications that include Adobe and Mozilla, among many others.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on November 12, 2024.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.