• Home
  • Laptops
  • Laptops News
  • Microsoft Windows 11 and Windows 10 Updated With Fix for Actively Exploited Zero Day Vulnerability

Microsoft Windows 11 and Windows 10 Updated With Fix for Actively Exploited Zero-Day Vulnerability

Microsoft has patched a publicly disclosed zero-day vulnerability that was actively exploited to gain system-level privileges on Windows PCs.

Microsoft Windows 11 and Windows 10 Updated With Fix for Actively Exploited Zero-Day Vulnerability

Photo Credit: Microsoft

PCs running Windows 11 and Windows 10 will receive mandatory updates with fixes for the flaws

Highlights
  • Microsoft has fixed several critical Windows security flaws
  • Both Windows 11 and Windows 10 have received security fixes
  • Microsoft has released patches for 71 security vulnerabilities
Advertisement

Microsoft has rolled out its latest security updates as part of the December 2024 Patch Tuesday release, and users with Windows laptops and desktop computers should update their systems as soon as possible. According to the company's release notes, the latest security updates fix a publicly disclosed, actively exploited zero-day vulnerability. It also includes fixes for 30 remote code execution vulnerabilities — of these, 16 are designated as critical — and 41 other security flaws related to operating system components.

Microsoft Fixes Zero-Day Vulnerability Discovered by Crowdstrike

The security updates rolled out by Microsoft on Tuesday (via BleepingComputer) include a fix for CVE-2024-49138 (Windows Common Log File System Driver Elevation of Privilege Vulnerability), which is a publicly disclosed zero-day vulnerability that was actively exploited, according to the company.

The flaw allowed attackers to gain access to system-level privileges on an affected Windows PC, and was discovered by Crowdstrike's Advanced Research Team. Details on how the flaw was exploited were not provided by Microsoft, presumably to ensure that users have enough time to install the latest security updates.

In addition to the fixes for the actively exploited zero-day vulnerability, Microsoft has also patched a total of 71 flaws affecting various Windows components. This includes 30 remote code execution vulnerabilities, out of which 16 have a 'Critical' severity rating, and 27 vulnerabilities that would enable attackers to gain elevated privileges on an unpatched Windows PC.

The latest security updates for Windows also include patches for flaws in third party products. Vendors like Adobe, Cisco, OpenWrt, and SAP have issued security updates, while the US Cybersecurity and Infrastructure Security Agency (CISA) has published advisories on vulnerabilities in industrial control systems from various companies.

Users with Windows 11 PCs will need to install the KB5048667 (24H2) and KB5048685 (23H2) cumulative updates, which contain the December 2024 security updates. Users with older machines that are running Windows 10 will need to install the KB5048652 (22H2) update.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

David Delima
As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More
Vikram's Gritty Historical Drama Thangalaan Now Streaming on Netflix
Racial Bias in Web3, Blockchain Boom in Indian Entreprises: Interview With Polygon’s Sandeep Nailwal    
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »