Microsoft Monthly Security Update (October 2024)
RISK: Extremely High Risk
TYPE: Operating Systems - Windows OS
[Updated on 2024-10-23]
Updated Description, Related Links.
Proof of Concept exploit code Is publicly available for CVE-2024-43532.
[Updated on 2025-01-22]
Updated Description, Related Links.
Proof of Concept exploit code Is publicly available for CVE-2024-43468.
[Updated on 2026-02-13]
Updated Risk Level, Description, Related Links.
CVE-2024-43468 is actively exploited in the wild.
Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| Azure |  Medium Risk | Elevation of Privilege Remote Code Execution | |
| Windows |  High Risk | Elevation of Privilege Remote Code Execution Denial of Service Information Disclosure Security Restriction Bypass Spoofing Data Manipulation | CVE-2024-43573 is being exploited in the wild. This is a Windows MSHTML platform spoofing vulnerability, and another serious flaw that stems from the continued use of components of the officially retired Internet Explorer 11. CVE-2024-43572 is being exploited in the wild. This vulnerability allowed malicious Microsoft Saved Console (MSC) files to perform remote code execution on vulnerable devices. The attack itself is carried out locally. Proof of Concept exploit code Is publicly available for CVE-2024-43532 |
| Extended Security Updates (ESU) | High Risk | Remote Code Execution Denial of Service Security Restriction Bypass Elevation of Privilege Information Disclosure Spoofing Data Manipulation | CVE-2024-43573 is being exploited in the wild. This is a Windows MSHTML platform spoofing vulnerability, and another serious flaw that stems from the continued use of components of the officially retired Internet Explorer 11. CVE-2024-43572 is being exploited in the wild. This vulnerability allowed malicious Microsoft Saved Console (MSC) files to perform remote code execution on vulnerable devices. The attack itself is carried out locally. Proof of Concept exploit code Is publicly available for CVE-2024-43532 |
| SQL Server |  Low Risk | Spoofing | |
| Developer Tools | Medium Risk | Remote Code Execution Denial of Service Elevation of Privilege | |
| Microsoft Office | Medium Risk | Elevation of Privilege Remote Code Execution Spoofing | |
| Mariner | Medium Risk | Remote Code Execution | |
| Apps | Medium Risk | Elevation of Privilege | |
| System Center |  Extremely High Risk | Remote Code Execution Spoofing | CVE-2024-43468 is actively exploited in the wild, and Proof of Concept exploit code has been publicly released. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database. Hence, the risk level is rated as Extremely High Risk. |
Number of 'Extremely High Risk' product(s): 1
Number of 'High Risk' product(s): 2
Number of 'Medium Risk' product(s): 5
Number of 'Low Risk' product(s): 1
Evaluation of overall 'Risk Level': Extremely High Risk
Impact
- Information Disclosure
- Elevation of Privilege
- Security Restriction Bypass
- Spoofing
- Denial of Service
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- Azure
- Windows
- Extended Security Updates (ESU)
- SQL Server
- Developer Tools
- Microsoft Office
- Mariner
- Apps
- System Center
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
- https://msrc.microsoft.com/update-guide/releaseNote/2024-Oct
- https://www.bleepingcomputer.com/news/security/exploit-released-for-new-windows-server-winreg-ntlm-relay-attack/
- https://github.com/synacktiv/CVE-2024-43468?tab=readme-ov-file
- https://www.cisa.gov/news-events/alerts/2026/02/12/cisa-adds-four-known-exploited-vulnerabilities-catalog
Related Tags
Share with