Security News > 2024 > November > Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039) CVE-2024-43451 is yet another vulnerability that allows attackers to elevate their privileges on targeted Windows and Windows Server machines by disclosing the user’s NTLMv2 hash, which contains their authentication credentials. The hash can then be used by … More → The post Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/12/cve-2024-43451-cve-2024-49039/
Related news
- Microsoft fixes exploited zero-day (CVE-2024-49138) (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
- Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) (source)
- Microsoft launches Zero Day Quest hacking event with $4 million in rewards (source)
- Microsoft announces Zero Day Quest hacking event with big rewards (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-12 | CVE-2024-49039 | Unspecified vulnerability in Microsoft products Windows Task Scheduler Elevation of Privilege Vulnerability | 8.8 |
2024-11-12 | CVE-2024-43451 | Unspecified vulnerability in Microsoft products NTLM Hash Disclosure Spoofing Vulnerability | 6.5 |