Microsoft has completed its 2024 Patch Tuesday Update, releasing fixes for 72 security flaws across its software portfolio. According to cybersecurity firm Fortra, Microsoft resolved up to 1,088 vulnerabilities in 2024.
The vulnerability discovered by Microsoft and currently being exploited by hackers (tracked as CVE-2024-49138) is a privilege escalation flaw in the Windows Common Log File System (CLFS) driver, which an attacker could exploit to gain SYSTEM privileges. Microsoft gives credit to CrowdStrike for finding and reporting the flaw, which marks the fifth time since 2022 that a privilege escalation flaw in CLFS has been actively exploited, and the ninth time this year that a vulnerability in the same component has been patched.
According to one senior staff research engineer cited by The Hacker News, ransomware attackers are particularly interested in the CLFS privilege flaw that was exploited. Microsoft has stated that it is working to add a new verification step when parsing log files to detect malicious actors.
In August 2024, the company stated that the new security mitigation “will provide CLFS with the ability to detect when a log file has been modified by someone other than the CLFS driver itself. This is accomplished by adding a hash-based message authentication code (HMAC) to the end of the log file.”
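The mechanism in the quoted statement, a keyed tag appended to the end of a log file and checked before the file is parsed, sketched as an added example (not Microsoft's or the CLFS driver's code). The file layout, key handling and function names are assumptions for illustration, and the log content is constructed sample data.

```python
import hashlib
import hmac
import os

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def seal(log_body: bytes, key: bytes) -> bytes:
    """Trusted writer: append an HMAC-SHA256 tag to the end of the log."""
    return log_body + hmac.new(key, log_body, hashlib.sha256).digest()


def open_sealed(blob: bytes, key: bytes) -> bytes:
    """Verify the trailing tag before any parsing; return the body or raise."""
    if len(blob) < TAG_LEN:
        raise ValueError("too short to carry an authentication tag")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("tag mismatch: modified outside the trusted writer")
    return body


def check(blob: bytes, key: bytes) -> str:
    """Report whether a file would be accepted for parsing."""
    try:
        open_sealed(blob, key)
        return "ok"
    except ValueError as exc:
        return f"rejected ({exc})"


def demo() -> dict:
    key = os.urandom(32)  # assumption: held only by the trusted writer
    body = b"HDR|records=2\nrec1:alpha\nrec2:beta\n"  # constructed sample log
    sealed = seal(body, key)
    # In-place edit of a header field by a party without the key.
    edited = sealed.replace(b"records=2", b"records=9")
    # Edit plus a recomputed tag, but under a key the editor had to guess.
    resealed = seal(body.replace(b"alpha", b"omega"), os.urandom(32))
    return {
        "untouched": check(sealed, key),
        "edited": check(edited, key),
        "resealed_wrong_key": check(resealed, key),
        "truncated": check(sealed[:10], key),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

Unlike a plain checksum, the tag cannot be recomputed after an edit without the key, so the check is only as strong as the protection of that key.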
The flaw has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) catalog of “Known Exploited Vulnerabilities,” and the Federal Civilian Executive Branch (FCEB) is required to apply the necessary remediation measures by December 31.
However, the most severe bug of the month is a remote code execution flaw (tracked as CVE-2024-49112) affecting the Windows Lightweight Directory Access Protocol (LDAP). According to Microsoft, the flaw allows an attacker to execute code through a specially crafted set of LDAP calls, potentially allowing arbitrary code execution within the context of the LDAP service.
One is Windows Hyper-V (CVE-2024-49117), another is Remote Desktop Client (CVE-2024-49105), and the other is Microsoft Muzic (CVE-2024-49063).
Do not wait to update your PC. Instead, update as soon as your operating system recommends it. This is easy to remember because Microsoft gives you the option to install a new update on your PC every time you reboot or shut down.
Next, make sure Windows Defender is set up on your PC. This is a great option and comes free with the PC. Similarly, many anti-virus software suites come with useful extras like password managers and VPNs.
Patch Tuesday takes place monthly, so you should plan to update your PC shortly after that, usually around the second week of each month. If you have the best Windows laptop, this may seem unnecessary, but if you want your machine to run well and virus-free, it is best to ensure that you install these security-focused updates.