Summary
Microsoft has released monthly security updates that address a total of 120 new vulnerabilities, including 5 zero-day vulnerabilities.
Note: The vendor states that exploits for CVE-2024-43573, CVE-2024-6197, CVE-2024-20659, CVE-2024-43572, and CVE-2024-43583 are available online.
Note: The vendor states that CVE-2024-43573 and CVE-2024-43572 are being actively exploited online.
Note (updated 10/14/2024): A Proof of Concept (PoC) for exploiting CVE-2024-43582 is available online.
Risk
Vulnerability impact estimate on the target community: SEVERE/RED (76.66/100)1.
Type
- Tampering
- Spoofing
- Denial of Service
- Remote Code Execution
- Security Feature Bypass
- Information Disclosure
- Elevation of Privilege
Affected Products and Versions
- .NET, .NET Framework, Visual Studio
- Azure CLI
- Azure Monitor
- Azure Stack
- BranchCache
- Code Integrity Guard
- DeepSpeed
- Internet Small Computer Systems Interface (iSCSI)
- Microsoft ActiveX
- Microsoft Configuration Manager
- Microsoft Defender for Endpoint
- Microsoft Graphics Component
- Microsoft Management Console
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Visio
- Microsoft Simple Certificate Enrollment Protocol
- Microsoft WDAC OLE DB provider for SQL
- Microsoft Windows Speech
- OpenSSH for Windows
- Outlook for Android
- Power BI
- Remote Desktop Client
- RPC Endpoint Mapper Service
- Service Fabric
- Sudo for Windows
- Visual C++ Redistributable Installer
- Visual Studio
- Visual Studio Code
- Windows Ancillary Function Driver for WinSock
- Windows BitLocker
- Windows Common Log File System Driver
- Windows Cryptographic Services
- Windows EFI Partition
- Windows Hyper-V
- Windows Kerberos
- Windows Kernel
- Windows Kernel-Mode Drivers
- Windows Local Security Authority (LSA)
- Windows Mobile Broadband
- Windows MSHTML Platform
- Windows Netlogon
- Windows Network Address Translation (NAT)
- Windows NT OS Kernel
- Windows NTFS
- Windows Online Certificate Status Protocol (OCSP)
- Windows Print Spooler Components
- Windows Remote Desktop
- Windows Remote Desktop Licensing Service
- Windows Remote Desktop Services
- Windows Resilient File System (ReFS)
- Windows Routing and Remote Access Service (RRAS)
- Windows Scripting
- Windows Secure Channel
- Windows Secure Kernel Mode
- Windows Shell
- Windows Standards-Based Storage Management Service
- Windows Storage
- Windows Storage Port Driver
- Windows Telephony Server
- Winlogon
Mitigation Actions
In line with vendor statements, it is recommended to update impacted products through the appropriate Windows Update function.
Unique Vulnerability Identifiers
References
https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct
https://msrc.microsoft.com/update-guide (NB: filtro: patch tuesday – October 2024)
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
