Consorzio Metis

CSIRT Toscana

CSIRT Toscana

Aggiornamenti Mensili Microsoft (AL01/241211/CSIRT-ITA)

Data:
7 Gennaio 2025 11:20

Sintesi

Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 71 nuove vulnerabilità, di cui una di tipo 0-day.

Note (aggiornamento del 07/01/2025): un Proof of Concept (PoC) per lo sfruttamento della CVE-2024-49113 risulterebbe disponibile in rete.

Note (aggiornamento del 20/12/2024): dei Proof of Concept (PoC) per lo sfruttamento delle CVE-2024-49138 e CVE-2024-49112 risulterebbe disponibile in rete.

Note: la CVE-2024-49138 risulta essere sfruttata attivamente in rete.

Impatto Sistemico

Critico (76.66)

Tipologia

  • Elevation of Privilege
  • Spoofing
  • Remote Code Execution
  • Denial of Service
  • Defense in Depth
  • Information Disclosure

Prodotti e versioni affette

  • Microsoft Defender for Endpoint
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Office Access
  • Microsoft Office Excel
  • Microsoft Office Publisher
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Remote Desktop Client
  • Role: DNS Server
  • Role: Windows Hyper-V
  • System Center Operations Manager
  • Windows Cloud Files Mini Filter Driver
  • Windows Common Log File System Driver
  • Windows File Explorer
  • Windows IP Routing Management Snapin
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows LDAP – Lightweight Directory Access Protocol
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Windows Message Queuing
  • Windows Mobile Broadband
  • Windows PrintWorkflowUserSvc
  • Windows Remote Desktop
  • Windows Remote Desktop Services
  • Windows Resilient File System (ReFS)
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Task Scheduler
  • Windows Virtualization-Based Security (VBS) Enclave
  • Windows Wireless Wide Area Network Service
  • WmsRepair Service

Azioni di mitigazione

In linea con le dichiarazioni del vendor, si raccomanda di procedere all’aggiornamento dei prodotti impattati attraverso l’apposita funzione di Windows Update.

CVE

CVE-ID
CVE-2024-43594 CVE-2024-43600 CVE-2024-49057 CVE-2024-49059
CVE-2024-49062 CVE-2024-49063 CVE-2024-49064 CVE-2024-49065
CVE-2024-49068 CVE-2024-49069 CVE-2024-49070 CVE-2024-49072
CVE-2024-49073 CVE-2024-49074 CVE-2024-49075 CVE-2024-49076
CVE-2024-49077 CVE-2024-49078 CVE-2024-49079 CVE-2024-49080
CVE-2024-49081 CVE-2024-49082 CVE-2024-49083 CVE-2024-49084
CVE-2024-49085 CVE-2024-49086 CVE-2024-49087 CVE-2024-49088
CVE-2024-49089 CVE-2024-49090 CVE-2024-49091 CVE-2024-49092
CVE-2024-49093 CVE-2024-49094 CVE-2024-49095 CVE-2024-49096
CVE-2024-49097 CVE-2024-49098 CVE-2024-49099 CVE-2024-49101
CVE-2024-49102 CVE-2024-49103 CVE-2024-49104 CVE-2024-49106
CVE-2024-49107 CVE-2024-49108 CVE-2024-49109 CVE-2024-49110
CVE-2024-49111 CVE-2024-49112 CVE-2024-49113 CVE-2024-49114
CVE-2024-49115 CVE-2024-49116 CVE-2024-49117 CVE-2024-49118
CVE-2024-49119 CVE-2024-49120 CVE-2024-49121 CVE-2024-49122
CVE-2024-49123 CVE-2024-49124 CVE-2024-49125 CVE-2024-49126
CVE-2024-49127 CVE-2024-49128 CVE-2024-49129 CVE-2024-49132
CVE-2024-49138 CVE-2024-49142

Riferimenti

https://msrc.microsoft.com/update-guide/releaseNote/2024-Dec
https://msrc.microsoft.com/update-guide (NB: filtro: patch tuesday – December 2024)

Il presente articolo è un prodotto originale di csirt.gov.it, riproposto qui a solo scopo di aumentarne la visibilità.