Summary
On October 9, 2024, Microsoft released its October 2024 Security Updates, which included patches for a total of 121 CVEs, an increase of 42 compared to the previous month.
In terms of vulnerability severity, there were 3 vulnerabilities marked as "Critical," and 116 vulnerabilities were marked as "Important/High" level vulnerabilities. Regarding the types of vulnerabilities, there were primarily 46 remote code execution vulnerabilities, 28 privilege escalation vulnerabilities, and 6 information disclosure vulnerabilities.
Statistics
Vulnerability Trend
Figure 1 Vulnerabilities Patched by Microsoft in the Last 12 Months
Microsoft released 121 patches in October 2024, including patches for 3 critical vulnerabilities.
Based on Microsoft's historical vulnerability disclosures and the specific circumstances of this year, Sangfor FarSight Labs estimates that Microsoft will announce less vulnerabilities in the coming November in comparison to October. We expect a figure of approximately 85 vulnerabilities.
Comparison of Vulnerability Trends
The following figure shows the number of patches released by Microsoft in the month of October from 2021 to 2024.
Figure 2 Number of Windows Patches Released by Microsoft in October from 2021 to 2024
The following figure shows the trend and number of vulnerabilities at different severity levels addressed by Microsoft in October from 2021 to 2024.
Figure 3 Number of Vulnerabilities by Severity Level Addressed by Microsoft in October from 2021 to 2024
The following figure shows the number of vulnerabilities by type addressed by Microsoft in October from 2021 to 2024.
Figure 4 Number of Vulnerabilities by Type Addressed by Microsoft in October from 2021 to 2024
Data source: Microsoft security updates
Compared to last year, there has been an increase in terms of the number of vulnerabilities of this year.The number of vulnerabilities addressed by Microsoft in October 2024 has increased. A total of 121 vulnerabilities, including 3 critical ones, have been reported this month.
Compared to last year, the number of vulnerabilities at the Critical level addressed by Microsoft has decreased, and that of vulnerabilities at the Important/High level has increased. 116 vulnerabilities at the Important/High level have been addressed, an increase of about 26%, and 3 vulnerabilities at the Critical level have been addressed, a decrease of about 77%.
In terms of Vulnerability Type, the number of RCE vulnerabilities has increased, and that of DoS and EoP vulnerabilities has also increased. However, we should remain highly vigilant because, when combined with social engineering techniques, attackers can exploit RCE vulnerabilities to take over an entire LAN and launch attacks.
Details of Key Vulnerabilities
Analysis
Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572)
The Microsoft Management Console (MMC) is utilized for creating, saving, and opening administrative tools to manage hardware, software, and network components of the Microsoft Windows operating system.
A remote code execution vulnerability exists within it, which attackers can exploit to execute arbitrary code on the target system. This vulnerability can be exploited in the wild, and after assessment, it poses a significant risk. We recommend that users promptly update the Microsoft security patches.
Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)
A typesetting engine is a software component responsible for retrieving marked-up content (such as HTML, XML, and image files, etc.), organizing information (such as CSS and XSL, etc.), and outputting the formatted content to a display monitor or printer. MSHTML is the name of the typesetting engine for Microsoft's web browser, Internet Explorer, which is included with Windows.
Affected Versions
| Vulnerability Name | Affected Versions |
|---|---|
| Microsoft Management Console Remote Code Execution Vulnerability (CVE-2024-43572) |
Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573) |
Windows Server 2012 R2 Windows Server 2016 (Server Core installation) Windows 10 Version 1607 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows 10 for x64-based Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows 10 for 32-bit Systems Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows 10 Version 21H2 for ARM64-based Systems Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for x64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 10 Version 22H2 for 32-bit Systems Windows Server 2022 Windows 10 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems |
Solutions
Official Solution
Microsoft has released updated security patches for the affected software. Please download and install the corresponding security patches according to the version of your system. Download links are as follows:
References
https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct
Timeline
On October 9, 2024, Microsoft released a security bullet.
On October 9, 2024, Sangfor FarSight Labs released a vulnerability alert.
