HomeMicrosoft Patch Tuesday › December 2024

Please link to this page, it changes often. Thank you! The Senserva Team.

Microsoft Patch Tuesday, December 2024

·

Microsoft's December 2024 security release, published December 10, 2024: 27 updates fixing 69 CVEs, ranked by confirmed exploitation, ransomware use, and severity. Provided by Senserva.

27
Updates (KBs)
69
CVEs fixed
1
Actively exploited
16
Critical updates

Actively exploited CVEs (CISA KEV)

CVE-2024-49138Windows Common Log File System Driver Elevation of Privilege VulnerabilityCVSS 7.8Exploited

Other high-risk CVEs (CVSS 8.8+)

CVE-2024-49112Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution VulnerabilityCVSS 9.8
CVE-2024-49085Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49086Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49102Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49104Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49125Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49080Windows IP Routing Management Snapin Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49117Windows Hyper-V Remote Code Execution VulnerabilityCVSS 8.8
CVE-2024-49093Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityCVSS 8.8

Products fixed this month

Windows 10 Version 1809 for 32-bit Systems (16)Windows 10 Version 1809 for x64-based Systems (16)Windows Server 2019 (16)Microsoft SharePoint Enterprise Server 2016 (6)Microsoft SharePoint Server 2019 (5)Microsoft SharePoint Server Subscription Edition (5)Microsoft Office 2019 for 32-bit editions (3)Microsoft Office 2019 for 64-bit editions (3)Microsoft 365 Apps for Enterprise for 32-bit Systems (3)Microsoft Office 2016 (32-bit edition) (2)
Take this release to your AI

Composed from the December 2024 release data above. Copy it into Claude, ChatGPT, or Copilot. Free, no sign-in.

Reference: Microsoft CVE and vulnerability management, ranked by real-world risk, and the Microsoft patching guide.
Data notice: this page is provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative Microsoft advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.