In today’s VERT Alert, we focus on Microsoft’s November 2024 Security Updates. VERT is diligently working to enhance its coverage for these vulnerabilities and anticipates releasing ASPL-1132 promptly upon completion.
Active Vulnerabilities and Noteworthy CVEs
CVE-2024-43451: This vulnerability enables unauthorized access to NTLMv2 hashes. Alarmingly, it has been both disclosed publicly and exploited in the wild. The exploit is trivial; significant interaction is not needed, as merely right- or left-clicking a malicious file can trigger the vulnerability. Microsoft has flagged it as Exploitation Detected.
CVE-2024-49039: This vulnerability in Windows Task Scheduler permits low-privilege users to elevate their permissions to a Medium Integrity Level, allowing potential code execution. Microsoft has flagged it as Exploitation Detected.
CVE-2024-49040: This vulnerability in Microsoft Exchange Server permits spoofing of email senders through non-compliant P2 FROM headers. After applying recent updates, users receive guidance for enhanced security against this type of fraud. Microsoft has categorized this issue as Exploitation More Likely.
Moreover, a recently published advisory regarding Microsoft SharePoint Server outlines a defense-in-depth approach to mitigate potential redirection threats.




