Microsoft has released its final patch for the year with a total of 72 security fixes spanning its software portfolio. This includes one critical flaw that has been actively exploited in the wild, dubbed CVE-2024-49138.
The vulnerability, affecting the Windows Common Log File System (CLFS) Driver, allows an attacker to gain SYSTEM privileges. Microsoft credited cybersecurity company CrowdStrike for discovering and reporting this flaw.
Ransomware operators have developed a penchant for exploiting CLFS elevation of privilege flaws over the years. To combat this, Microsoft is working on adding a new verification step when parsing log files, which can detect if log files have been modified by anything other than the CLFS driver itself.
Other notable vulnerabilities include remote code execution flaws in Windows Lightweight Directory Access Protocol (LDAP), Windows Hyper-V, Remote Desktop Client, and Microsoft Muzic. The U.S. Cybersecurity and Infrastructure Security Agency has added this flaw to its Known Exploited Vulnerabilities catalog, requiring Federal Civilian Executive Branch agencies to apply necessary remediations by December 31, 2024.
Other software vendors have also released security updates to address vulnerabilities in their products. This includes patches from Adobe, AMD, Google, and several hardware manufacturers.
Source: https://thehackernews.com/2024/12/microsoft-fixes-72-flaws-including.html