Microsoft's recent Patch Tuesday brought 72 fixes, the most critical being CVE-2024-49138, a vulnerability allowing escalation of privilege attacks on Windows systems.
The highest-ranked vulnerability this month, CVE-2024-49112, poses a significant risk related to the Windows LDAP, with a CVSS score of 9.8, but is complex to exploit.
Workarounds include, as Microsoft suggests, configuring domain controllers to block untrusted network RPCs to mitigate the exploitability of high-risk vulnerabilities.
Of the six vulnerabilities flagged as likely to be exploited, CVE-2024-49093 in the Windows Resilient File System gives attackers the chance to upgrade privileges and execute code.
Collection
[
|
...
]