Headline
What has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later?
What has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later? Almost nothing. 🙄 This is a vulnerability in a standard Windows component, available in all versions starting with Windows Server 2003 R2. Its description is typical for EoP […]
What has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later? Almost nothing. 🙄 This is a vulnerability in a standard Windows component, available in all versions starting with Windows Server 2003 R2. Its description is typical for EoP in Windows: if successfully exploited, a local attacker can gain SYSTEM privileges. The cause of the vulnerability is Heap-based Buffer Overflow.
Microsoft has labeled the vulnerability as being exploited in the wild, but has not provided information on where the vulnerability was being exploited or how widespread the attacks were.
The vulnerability was reported by CrowdStrike’s Advanced Research Team. But neither they nor other researchers have provided technical details yet. 🤷♂️ And there are no exploits yet either.
So install the December Microsoft security updates and let’s wait for news! 😉
Update
На русском
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Related news
The Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) has become more critical. Just as I wrote that nothing had been heard about this vulnerability for a month since it was first published in Microsoft’s December Patch Tuesday, a public exploit for it appeared on January 15th. 🙂 It was developed by […]
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common… Read More »
December Microsoft Patch Tuesday. 89 CVEs, of which 18 were added since November MSPT. 1 vulnerability with signs of exploitation in the wild: 🔻 EoP – Windows Common Log File System Driver (CVE-2024-49138). There are no details about this vulnerability yet. Strictly speaking, there was another vulnerability that was exploited in the wild: EoP – […]
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”