CVE-2024-49081 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Published December 10, 2024
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2024-49105 Remote Desktop Client Remote Code Execution Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability
Published December 10, 2024
Information published.
CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability
Published December 10, 2024
Information published.
CVE-2024-38033 PowerShell Elevation of Privilege Vulnerability
Published December 10, 2024
To comprehensively address CVE-2024-38033, Microsoft released security updates on December 10, 2024 for all affected versions of Windows Server 2012 and Windows Server 2012 R2.
Microsoft recommends that customers running any of these products install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
Chromium: CVE-2024-12053 Type Confusion in V8
Published December 6, 2024
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
Published December 2, 2024
Added acknowledgements. This is an informational change only.
CVE-2024-49035 Partner.Microsoft.Com Elevation of Privilege Vulnerability
Published November 26, 2024
An improper access control vulnerability in [Partner.Microsoft.com](https://partner.microsoft.com/) allows an a unauthenticated attacker to elevate privileges over a network.
