October 2024 Microsoft Patch Tuesday update fixes 117 Security Flaws
Today Microsoft fixed at least 117 security vulnerabilities in its product portfolio. Here are Details on Microsoft's security updates in October 2024 Patch Tuesday.
Today is the second Tuesday of October 2024, and Microsoft has released its latest security updates. These updates address 117 vulnerabilities across various Microsoft products. Microsoft also addressed, five publicly disclosed zero-days, two of which are actively exploited. Among the 117 vulnerabilities addressed today, three of them are considered critical because they can allow attackers to gain higher privileges, execute remote code, or engage in spoofing activities, and the remaining 113 are rated Important, and one is rated Moderate in severity.
Five zero-day vulnerabilities:
- CVE-2024-43573 – Windows MSHTML Platform Spoofing Vulnerability
- CVE-2024-43572 – Microsoft Management Console Remote Code Execution Vulnerability
- CVE-2024-6197 – Open Source Curl Remote Code Execution Vulnerability
- CVE-2024-20659 – Windows Hyper-V Security Feature Bypass Vulnerability
- CVE-2024-43583 – Winlogon Elevation of Privilege Vulnerability
Three Critical Severity Vulnerabilities:
- CVE-2024-43468: Microsoft Configuration Manager Remote Code Execution Vulnerability
- CVE-2024-43582: Remote Desktop Protocol Server Remote Code Execution Vulnerability
- CVE-2024-43488: Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
Microsoft patched 117 CVEs in its October 2024 Patch Tuesday Release, including Five publicly disclosed zero-day ( CVE-2024-43573 , CVE-2024-43572 , CVE-2024-6197, CVE-2024-20659 and CVE-2024-43583) , with Three rated as critical and 114 rated as important and moderate.
Quick Links
Microsoft October 2024 Patch Tuesday update
This month’s Patch Tuesday fixes 117 Vulnerabilities including 43 critical Remote Code Execution Vulnerability.
The number of bugs in each vulnerability category is listed below:
- 28 Elevation of Privilege vulnerabilities
- 7 Security Feature Bypass vulnerabilities
- 43 Remote Code Execution vulnerabilities
- 6 Information Disclosure vulnerabilities
- 26 Denial of Service vulnerabilities
- 7 Spoofing vulnerabilities
This month’s update includes patches for Five Zero-day Vulnerabilities and three critical Remote Code Execution vulnerabilities.
Five zero-day vulnerabilities fixed
CVE-2024-43573: Windows MSHTML Platform Spoofing Vulnerability
- MSHTML, a browser engine tied to Internet Explorer, remains vulnerable despite IE 11’s end of support. Microsoft has not detailed how this vulnerability is exploited, but it involves components used by IE and Legacy Microsoft Edge. CISA lists it as actively exploited, urging patches by October 29, 2024.
CVE-2024-43572: Microsoft Management Console (MMC) Vulnerability
- This vulnerability in MMC allows potential remote code execution. Although details are limited, CISA has acknowledged active exploitation and recommends patching before October 29, 2024.
CVE-2024-6197: Curl Remote Code Execution Vulnerability
- The Curl vulnerability requires a client to interact with a malicious server, potentially allowing code execution. Windows includes the curl command line tool, though not libcurl.
CVE-2024-20659: Windows Hyper-V Security Bypass Vulnerability
- An attacker can exploit this Hyper-V vulnerability after gaining restricted network access, potentially bypassing UEFI and compromising the hypervisor and secure kernel.
CVE-2024-43583: Winlogon Elevation of Privilege Vulnerability
- This vulnerability can lead to SYSTEM-level privileges if exploited. Microsoft advises enabling first-party IME to help mitigate the risk.
Three Critical Remote Code Execution Vulnerability fixed
CVE-2024-43468: Microsoft Configuration Manager Remote Code Execution Vulnerability
- This vulnerability allows an unauthenticated attacker to send specially crafted requests to Microsoft Configuration Manager, leading to remote code execution on the server or database. It affects large-scale IT management environments.
CVE-2024-43582: Remote Desktop Protocol Server Remote Code Execution Vulnerability
- An attacker can exploit this RDP vulnerability by sending malicious packets to an RPC host. Successful exploitation could result in remote code execution with the same permissions as the RPC service on the server.
CVE-2024-43488: Visual Studio Code Arduino Extension Remote Code Execution Vulnerability
- The VS Code Arduino extension has a vulnerability due to missing authentication for critical functions. An unauthenticated attacker can exploit it, leading to remote code execution within the affected system.
Windows security updates
In addition to Microsoft security updates, this October 2024 Patch Tuesday update also brought Windows 11 and Windows 10 cumulative updates. That includes KB5044273 for Windows 10 and KB5044285 for Windows 11 version 23H2. So if you are running any of these Windows versions make sure you update them as you install the new patches.
Windows 7 and Windows 8.1 reached the End of support from Microsoft, which means the company no longer provides frequent updates or security patches for these operating systems. For more information please visit the Microsoft lifecycle page at https://learn.microsoft.com/en-us/lifecycle/end-of-support/end-of-support-2023
Windows 11 KB5044285
Windows 11’s October 2024 Update, KB5044285 advance Build 22631.4317, addresses a known issue causing the device to restart multiple times or stop responding. Blue or green screens also appear. In some cases, the Automatic Repair tool opens by itself. In other cases, the issue triggers BitLocker recovery.
This update also includes the ability to share local files directly from search results in the taskbar’s Search box and a redesigned Delivery Optimization Settings page matching the Windows 11 design.
Fixes issues with Microsoft Edge in IE mode, Task Manager freezing when switching themes, and Windows identity protection requiring multiple credential entries. It also allows Copilot Pro management in Settings and addresses inconsistencies in TCP data, updates COSA profiles for certain operators, fixes repeated PIN prompts for encrypted emails, and resolves file sync problems with Microsoft Defender for Endpoint enabled.
You can read the complete changelog of the Microsoft support blog here.
Windows 10 KB5044273
The KB5044273 cumulative update for Windows 10 22H2 brings significant changes and additions. Upon installation, Windows 10 22H2 is updated to build 19045.5011.
It includes a new background color for the Start menu’s left pane and repositioning of the profile picture. It fixes issues with Microsoft Edge freezing in IE mode, media playback stopping with certain surround sound technology, and frequent prompts in Microsoft Entra single sign-on.
The update also addresses problems with Windows server becoming unresponsive when using File Explorer or the taskbar, updates COSA profiles for mobile operators, improves Windows Update notifications, fixes directory enumeration failures with long symbolic links, and resolves file sync issues in Microsoft Defender for Endpoint.
You can refer to this article for more details on what’s new on Windows 10 KB5044273.
Download the Windows 10 Cumulative update
All these Security updates Automatically download and get installed on your device via Windows update. If your device has not received it yet open Settings, Update & Security and Check for updates. Once done restart your Device to apply the updates.
- Windows 11 KB5044284 (Version 24H2) offline installer Direct Download Link 64-bit.
- Windows 11 KB5044285 (Version 23H2/22H2) offline installer Direct Download Link 64-bit.
- Windows 10 KB5044273 (For versions 22H2) Direct Download Links: 64-bit and 32-bit (x86).
- Windows 10 KB5044277 (version 1809) 64-bit | Download and 32-bit | Download
The above link directly opens the Microsoft Update Catalog which is the library of Windows Update offline installers. You need to click on the ‘Download’ button next to the version of the OS installed on your machine and run the .msu files to begin the installation of the update.
If you are Looking for Windows 10 22H2 Update ISO image click here Or check How to Upgrade to Windows 10 version 22H2 Using the media creation tool.
If you face any difficulty while installing these updates, Check the Windows 10 Update troubleshooting guide to fix the Windows 10 Cumulative update stuck downloading, failed to install with different errors, etc.
What time do Patch Tuesday patches come out?
- Microsoft schedules the release of security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST.
Is Patch Tuesday weekly or monthly?
- Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on November 12, 2024.
Why did the second Tuesday of every month called Patch Tuesday?
- The second Tuesday of the month is referred to as “Patch Tuesday” because Microsoft attempts to combine the largest updates into this maintenance window.
What is the latest update for Windows 11 October 2024?
- The latest KB5044285 for Windows 11 version 23H2/22H2 and KB5044273 for Windows 10 version 22H2.
What is the zero-day patch?
- The term “Zero-Day” is used when security teams are unaware of their software vulnerability, and they’ve had “0” days to work on a security patch or an update to fix the issue.