Microsoft December 2024 Security Updates

Security 10833 Published by

Microsoft has issued 72 CVEs, including System Center Operations Manager, Microsoft Office, Microsoft Edge (Chromium-based), Microsoft Defender for Endpoint. Microsoft Office SharePoint, GitHub, Microsoft Office Word, Microsoft Office Excel, Windows Task Scheduler, Windows Mobile Broadband, Windows Kernel-Mode Drivers, Windows Remote Desktop Services, Windows Virtualization-Based Security (VBS) Enclave, Windows Resilient File System (ReFS), Windows PrintWorkflowUserSvc, Windows Message Queuing, Windows Wireless Wide Area Network Service, Windows LDAP - Lightweight Directory Access Protocol, and Wi Windows Remote Desktop Services.





December 2024 Security Updates

This release consists of the following 72 Microsoft CVEs:

TagCVEBase ScoreFAQs?Workarounds?Mitigations?
System Center Operations Manager CVE-2024-435947.3YesNoNo
Microsoft Office CVE-2024-436007.8YesNoNo
Microsoft Edge (Chromium-based) CVE-2024-490414.3YesNoNo
Microsoft Defender for Endpoint CVE-2024-490578.1YesNoNo
Microsoft Office CVE-2024-490597.0YesNoNo
Microsoft Office SharePoint CVE-2024-490626.5YesNoNo
GitHub CVE-2024-490638.4YesNoNo
Microsoft Office SharePoint CVE-2024-490646.5YesNoNo
Microsoft Office Word CVE-2024-490655.5YesNoNo
Microsoft Office SharePoint CVE-2024-490688.2YesNoNo
Microsoft Office Excel CVE-2024-490697.8YesNoNo
Microsoft Office SharePoint CVE-2024-490707.4YesNoNo
Windows Task Scheduler CVE-2024-490727.8YesNoNo
Windows Mobile Broadband CVE-2024-490736.8YesNoNo
Windows Kernel-Mode Drivers CVE-2024-490747.8YesNoNo
Windows Remote Desktop Services CVE-2024-490757.5NoNoNo
Windows Virtualization-Based Security (VBS) Enclave CVE-2024-490767.8YesNoNo
Windows Mobile Broadband CVE-2024-490776.8YesNoNo
Windows Mobile Broadband CVE-2024-490786.8YesNoNo
Microsoft Office Publisher CVE-2024-490797.8YesNoNo
Windows IP Routing Management Snapin CVE-2024-490808.8YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-490816.6YesNoNo
Windows File Explorer CVE-2024-490826.8YesNoNo
Windows Mobile Broadband CVE-2024-490836.8YesNoNo
Windows Kernel CVE-2024-490847.0YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-490858.8YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-490868.8YesNoNo
Windows Mobile Broadband CVE-2024-490874.6YesNoNo
Windows Common Log File System Driver CVE-2024-490887.8YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-490897.2YesNoNo
Windows Common Log File System Driver CVE-2024-490907.8YesNoNo
Role: DNS Server CVE-2024-490917.2YesNoNo
Windows Mobile Broadband CVE-2024-490926.8YesNoNo
Windows Resilient File System (ReFS) CVE-2024-490938.8YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-490946.6YesNoNo
Windows PrintWorkflowUserSvc CVE-2024-490957.0YesNoNo
Windows Message Queuing CVE-2024-490967.5NoNoNo
Windows PrintWorkflowUserSvc CVE-2024-490977.0YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-490984.3YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-490994.3YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-491016.6YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-491028.8YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-491034.3YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-491048.8YesNoNo
Remote Desktop Client CVE-2024-491058.4YesNoNo
Windows Remote Desktop Services CVE-2024-491068.1YesNoNo
WmsRepair Service CVE-2024-491077.3YesNoNo
Windows Remote Desktop Services CVE-2024-491088.1YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-491096.6YesNoNo
Windows Mobile Broadband CVE-2024-491106.8YesNoNo
Windows Wireless Wide Area Network Service CVE-2024-491116.6YesNoNo
Windows LDAP - Lightweight Directory Access Protocol CVE-2024-491129.8YesNoYes
Windows LDAP - Lightweight Directory Access Protocol CVE-2024-491137.5NoNoNo
Windows Cloud Files Mini Filter Driver CVE-2024-491147.8YesNoNo
Windows Remote Desktop Services CVE-2024-491158.1YesNoNo
Windows Remote Desktop Services CVE-2024-491168.1YesNoNo
Role: Windows Hyper-V CVE-2024-491178.8YesNoNo
Windows Message Queuing CVE-2024-491188.1YesNoNo
Windows Remote Desktop Services CVE-2024-491198.1YesNoNo
Windows Remote Desktop Services CVE-2024-491208.1YesNoNo
Windows LDAP - Lightweight Directory Access Protocol CVE-2024-491217.5NoNoNo
Windows Message Queuing CVE-2024-491228.1YesNoNo
Windows Remote Desktop Services CVE-2024-491238.1YesNoNo
Windows LDAP - Lightweight Directory Access Protocol CVE-2024-491248.1YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2024-491258.8YesNoNo
Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-491268.1YesNoNo
Windows LDAP - Lightweight Directory Access Protocol CVE-2024-491278.1YesNoNo
Windows Remote Desktop Services CVE-2024-491288.1YesNoNo
Windows Remote Desktop Services CVE-2024-491297.5YesNoNo
Windows Remote Desktop CVE-2024-491328.1YesNoNo
Windows Common Log File System Driver CVE-2024-491387.8YesNoNo
Microsoft Office Access CVE-2024-491427.8YesNoNo

We are republishing 1 non-Microsoft CVEs:

CNATagCVEFAQs?Workarounds?Mitigations?
ChromeMicrosoft Edge (Chromium-based) CVE-2024-12053YesNoNo

Security Update Guide Blog Posts

DateBlog Post
November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

  • The new Hotpatching feature is now generally available. Please see  Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the  Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see  Windows Lifecycle Facts Sheet.
  • Microsoft is improving Windows Release Notes. For more information, please see  What's next for Windows release notes.
  • A list of the latest servicing stack updates for each operating system can be found in  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See  4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see  Windows message center (links to currently-supported versions of Windows are in the left pane).

KB ArticleApplies To
5048667Windows 11, version 24H2
5048685Windows 11, version 22H2, Windows 11, version 23H2
5048710Windows Server 2008 (Monthly Rollup)
5048744Windows Server 2008 (Security-only update)

Win10

Security Update Guide - Microsoft Security Response Center

Apache NetBeans IDE 24 released

Python update for Fedora 40

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...