💋 Microsoft noyabr oyi uchun navbatdagi "Patch Tuesday" ni e'lon qildi❗️
PoC mavjud :🔻 Elevation of Privilege - Windows Task Scheduler (CVE-2024-49039)
🔻 Disclosure/Spoofing - NTLM Hash (CVE-2024-43451)
❗️
Bug tasdiqlangan, PoC mavjud ammo private :🔸 Remote Code Execution - Microsoft Edge (CVE-2024-43595, CVE-2024-43596)
🔸 Authentication Bypass - Azure Functions (CVE-2024-38204)
🔸 Authentication Bypass - Microsoft Dataverse (CVE-2024-38139)
🔸 Spoofing - Microsoft Exchange (CVE-2024-49040)
❗️
Muhim ojizliklar :🔹Remote Code Execution - Windows Kerberos (CVE-2024-43639)
🔹Elevation of Privilege - Windows Win32k (CVE-2024-43636)
🔹Elevation of Privilege - Windows DWM Core Library (CVE-2024-43629)
🔹Elevation of Privilege - Windows NT OS Kernel (CVE-2024-43623)
November 2024 Security Updates :
https://msrc.microsoft.com/update-guide/releaseNote/2024-NovPatch & Update : https://msrc.microsoft.com/update-guide