HomeNews

Important Windows updates (December 2024): 71 vulnerabilities fixed

December 11, 2024 by Chemtable Software

On December 10, 2024, patches for 71 vulnerabilities in Windows were released, including 16 critical ones.  The primary focus was on closing loopholes for remote code execution.

Specifically, the updates fixed:

  • 27 privilege escalation vulnerabilities,
  • 30 remote code execution vulnerabilities,
  • 7 information disclosure vulnerabilities,
  • 5 denial-of-service vulnerabilities,
  • 1 spoofing (a situation in which a person or program successfully identifies as another by falsifying data, to gain an illegitimate advantage) vulnerability.

The highlight of this update was the resolution of the actively exploited “zero-day” vulnerability CVE-2024-49138. This flaw allowed attackers to gain system-level privileges in the Windows file system driver. Its discovery was credited to CrowdStrike and the Advanced Research Team.

Windows typically updates itself automatically within a few hours or days, so no action is required unless you’ve disabled automatic updates. If you wish to update immediately or have turned off updates, you can check for and install the patches manually through the system settings under the Update & Security section.