On-demand webinar: Building a secure and employee-centric digital workplace

WATCH NOW

Microsoft Patch Tuesday November 2024 - Summary

192

Patches

89

Vulnerabilities

45

Articles

6

Impacts

CVE Index for November 2024 Patch Tuesday Updates

Vulnerable Component Impact CVE ID
Airlift.microsoft.com Elevation of Privilege CVE-2024-49056
Windows Kerberos Remote Code Execution CVE-2024-43639
Microsoft Windows VMSwitch Elevation of Privilege CVE-2024-43625
.NET and Visual Studio Remote Code Execution CVE-2024-43498
Vulnerable Component Impact CVE ID
Microsoft Exchange Server Spoofing CVE-2024-49040
Windows Task Scheduler Elevation of Privilege CVE-2024-49039
Active Directory Certificate Services Elevation of Privilege CVE-2024-49019
NTLM Hash Disclosure Spoofing CVE-2024-43451
CVE ID Severity Impact
CVE-2024-49046 Important Elevation of Privilege
CVE-2024-49032 Important Remote Code Execution
CVE-2024-49031 Important Remote Code Execution
CVE-2024-43646 Important Elevation of Privilege
CVE-2024-43645 Important Security Feature Bypass
CVE-2024-43644 Important Elevation of Privilege
CVE-2024-43643 Important Elevation of Privilege
CVE-2024-43642 Important Denial of Service
CVE-2024-43641 Important Elevation of Privilege
CVE-2024-43640 Important Elevation of Privilege
CVE-2024-5535 Important Remote Code Execution
CVE-2024-43638 Important Elevation of Privilege
CVE-2024-43637 Important Elevation of Privilege
CVE-2024-43636 Important Elevation of Privilege
CVE-2024-43635 Important Remote Code Execution
CVE-2024-43634 Important Elevation of Privilege
CVE-2024-43633 Important Denial of Service
CVE-2024-43631 Important Elevation of Privilege
CVE-2024-43630 Important Elevation of Privilege
CVE-2024-43629 Important Elevation of Privilege
CVE-2024-43628 Important Remote Code Execution
CVE-2024-43627 Important Remote Code Execution
CVE-2024-43626 Important Elevation of Privilege
CVE-2024-49051 Important Elevation of Privilege
CVE-2024-43624 Important Elevation of Privilege
CVE-2024-43623 Important Elevation of Privilege
CVE-2024-43622 Important Remote Code Execution
CVE-2024-43621 Important Remote Code Execution
CVE-2024-43620 Important Remote Code Execution
CVE-2024-43530 Important Elevation of Privilege
CVE-2024-43528 Important Elevation of Privilege
CVE-2024-43516 Important Elevation of Privilege
CVE-2024-43511 Important Elevation of Privilege
CVE-2024-43452 Important Elevation of Privilege
CVE-2024-43450 Important Spoofing
CVE-2024-43449 Important Elevation of Privilege
CVE-2024-43447 Important Remote Code Execution
CVE-2024-38264 Important Denial of Service
CVE-2024-38203 Important Information Disclosure
CVE ID Severity Impact
CVE-2024-49043 Important Remote Code Execution
CVE-2024-49042 Important Elevation of Privilege
CVE-2024-49033 Important Security Feature Bypass
CVE-2024-49030 Important Remote Code Execution
CVE-2024-49029 Important Remote Code Execution
CVE-2024-49028 Important Remote Code Execution
CVE-2024-49027 Important Remote Code Execution
CVE-2024-49026 Important Remote Code Execution
CVE-2024-49021 Important Remote Code Execution
CVE-2024-49018 Important Remote Code Execution
CVE-2024-49017 Important Remote Code Execution
CVE-2024-49016 Important Remote Code Execution
CVE-2024-49015 Important Remote Code Execution
CVE-2024-49014 Important Remote Code Execution
CVE-2024-49013 Important Remote Code Execution
CVE-2024-49012 Important Remote Code Execution
CVE-2024-49011 Important Remote Code Execution
CVE-2024-49010 Important Remote Code Execution
CVE-2024-49009 Important Remote Code Execution
CVE-2024-49008 Important Remote Code Execution
CVE-2024-49007 Important Remote Code Execution
CVE-2024-49006 Important Remote Code Execution
CVE-2024-49005 Important Remote Code Execution
CVE-2024-49004 Important Remote Code Execution
CVE-2024-49003 Important Remote Code Execution
CVE-2024-49002 Important Remote Code Execution
CVE-2024-49001 Important Remote Code Execution
CVE-2024-49000 Important Remote Code Execution
CVE-2024-48999 Important Remote Code Execution
CVE-2024-48998 Important Remote Code Execution
CVE-2024-48997 Important Remote Code Execution
CVE-2024-48996 Important Remote Code Execution
CVE-2024-48995 Important Remote Code Execution
CVE-2024-48994 Important Remote Code Execution
CVE-2024-48993 Important Remote Code Execution
CVE-2024-43613 Important Elevation of Privilege
CVE-2024-43462 Important Remote Code Execution
CVE-2024-43459 Important Remote Code Execution
CVE-2024-38255 Important Remote Code Execution
CVE ID Severity Impact
CVE-2024-43602 Important Remote Code Execution
Vulnerable Component CVE ID Severity Impact
.NET and Visual Studio CVE-2024-43499 Important Denial of Service
LightGBM CVE-2024-43598 Important Remote Code Execution
TorchGeo CVE-2024-49048 Important Remote Code Execution
Visual Studio Code Python Extension CVE-2024-49050 Important Remote Code Execution
Visual Studio CVE-2024-49044 Important Elevation of Privilege
Visual Studio Code Remote Extension CVE-2024-49049 Moderate Elevation of Privilege

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of Microsoft applications. Coinciding with the Patch Tuesday it is also a general trend for the roll out of patch updates for other third party applications that include Adobe and Mozilla, among many others.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on November 12, 2024.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.