Connect with us

Hi, what are you looking for?

Reviews

Microsoft Announces December 2024 Windows Security Updates

Image Source: PixieMe / Shutterstock

Welcome to the final summary of Windows security updates for 2024. Today, Microsoft has announced security updates for its Windows operating system, Office suite, and several other products.

This monthly guide serves as a helpful resource for both home users and IT administrators, providing a detailed account of the security updates that have been released. It also includes insights into known issues, non-security updates, links to support resources, and download links, among other pertinent information.

Note: Microsoft has recently extended updates to devices that are no longer within their support lifecycle, in addition to the most current version of Windows 10. These updates are intended to inform users about their support status and to introduce feature updates where applicable.

Microsoft Windows Security Updates: October 2024

You can download the following Excel file for a complete list of released updates. Click the link below to download the archive to your local device: Windows Security Updates December 2024.

Executive Summary

  • Microsoft has deployed a total of 72 security updates for various Microsoft products, along with one update addressing non-Microsoft issues (such as Chromium).
  • Identified issues on Windows client versions include:
    • Windows 11 versions 22H2, 23H2, and 24H2.
  • Identified issues on Windows Server clients include:
    • Windows Server 2008.
    • Windows Server 2025.
  • Windows 11, version 22H2, Home and Pro editions have reached their end of support, and Microsoft will automatically upgrade these devices to newer versions of Windows.

Product Overview

The following sections outline each supported version of Windows and their associated critical vulnerabilities.

  • Windows 10 version 22H2: 44 vulnerabilities, comprising 8 critical and 36 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49112
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49118
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49122
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49123
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability — CVE-2024-49124
    • Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability — CVE-2024-49126
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49127
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49132
  • Windows 11 versions 22H2 and 23H2: 44 vulnerabilities, consisting of 9 critical and 35 important
    • Windows Hyper-V Remote Code Execution Vulnerability — CVE-2024-49117
    • Incorporates critical fixes from Windows 10 version 22H2.
  • Windows 11 version 24H2: 45 vulnerabilities, with 9 critical and 46 important
    • Contains the same vulnerabilities as in versions 22H2 and 23H2.

Windows Server Products

  • Windows Server 2008 R2 (extended support only): 22 vulnerabilities: 6 critical and 16 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49112
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49122
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability — CVE-2024-49124
    • Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability — CVE-2024-49126
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49118
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49127
  • Windows Server 2012 R2 (extended support only): specific number of vulnerabilities not disclosed.
  • Windows Server 2016: 33 vulnerabilities: 13 critical and 20 important
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49106
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49108
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49112
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49115
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49116
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49118
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49119
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49120
    • Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — CVE-2024-49122
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability — CVE-2024-49124
    • Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability — CVE-2024-49126
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2024-49127
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49128
  • Windows Server 2019: 56 vulnerabilities: 15 critical and 41 important
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49123
    • Windows Remote Desktop Services Remote Code Execution Vulnerability — CVE-2024-49132
    • Includes updates addressing all critical vulnerabilities identified in Windows Server 2016.
  • Windows Server 2022: 41 vulnerabilities: 16 critical and 25 important
    • Windows Hyper-V Remote Code Execution Vulnerability — CVE-2024-49117
    • Contains updates for all critical issues found in Windows Server 2019 and 2016.
  • Windows Server 2025: 57 vulnerabilities: 16 critical and 41 important
    • Includes the same vulnerabilities as in Windows Server 2022.

Windows Security Updates

Windows 10 version 22H2

  • Support Page: KB5048652

Updates and improvements:

  • Implemented security fixes.
  • Addressed an issue that interrupted Windows activation following a motherboard replacement.
  • Updated Country and Operator Settings Assets.
  • Resolved an issue linked to IPP USB printers.

Windows 11 versions 22H2 and 23H2

  • Support Page: KB5048685

Updates and improvements:

  • Implemented security fixes.
  • Customized Experiences have been renamed to Personalized offers in the Out of Box experience. This feature can be disabled in Settings > Privacy & Security.
  • The System Tray now shows a condensed format for date and time. The year has been removed from the date, and the am/pm indicator is absent from the time. Users can restore these options via Settings > Date and Time.
  • Start menu apps now support jumplists that can be accessed via right-click. Holding Shift while clicking allows apps to be launched with administrative privileges.
  • New options for touchscreen edge gestures enable users to disable gestures on the left or right edges of the screen. Configuration is done under Settings > Bluetooth & Devices.

You May Also Like

Reviews

Artificial Intelligence carries a substantial cost. Major players in this industry employ a variety of approaches to fund their operations. For example, OpenAI relies...

Reviews

OpenAI has unveiled a groundbreaking AI model capable of generating videos from text, known as Sora. Initially showcased earlier this year, Sora has now...

Reviews

Feeling swamped by your email inbox? You are not alone. For countless individuals today, email management has become a daily hurdle that intensifies with...

Reviews

EditThisCookie is a specialized extension for Google Chrome that enables users to alter cookie data saved by their browser. I initially spotlighted it in...