October 2024 Patch Tuesday: 5 Zero-Days, 3 Critical Addressed

Microsoft rolled out fixes for 117 vulnerabilities, 5 of which have been categorized as zero-day. Three bugs are rated critical, 113 are important, and one is moderate. Here’s what you need to know.

October 8, 2024

[Image: Microsoft October 2024 Patch Tuesday (Credits: PixieMe/Shutterstock.com)]

On the second Tuesday of each month, Microsoft releases a security update for its products. This week, the company released fixes for 117 Microsoft CVEs and republished 4 non-Microsoft CVEs. Five zero-day vulnerabilities were addressed, including two that are being actively exploited.

The October Patch Tuesday release is larger than last month’s update, which addressed 79 vulnerabilities. More than a third of the issues in this month’s update are remote code execution vulnerabilities (36%). Elevation of privilege (24%) and denial of service (22%) vulnerabilities make up about half of the remaining issues.

October 2024 Patch Tuesday Zero-Day Vulnerabilities

Actively Exploited

  • CVE-2024-43572 is a remote code execution vulnerability in the Microsoft Management Console caused by improper neutralization of malformed messages. It is rated high severity, with a CVSS score of 7.8.
  • CVE-2024-43573 is a spoofing vulnerability in the Windows MSHTML Platform that allows cross-site scripting. It is rated medium severity, with a CVSS score of 6.5. Even so, Microsoft urges users to address this vulnerability because the MSHTML Platform is used “by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control.”

Publicly Disclosed

  • CVE-2024-6197 is a remote code execution vulnerability in the open-source curl command-line tool. When a client connects to a malicious server, an attacker could gain access to the client and execute code. It is rated high severity, with a CVSS score of 8.8.
  • CVE-2024-20659 is a security feature bypass vulnerability in Windows Hyper-V. On some hardware, it may be possible to bypass the Unified Extensible Firmware Interface (UEFI) on the host machine, which could compromise the hypervisor and secure kernel. It is rated high severity, with a CVSS score of 7.1. Microsoft notes that “successful exploitation of this vulnerability requires multiple conditions to be met,” including gaining access to a restricted network and rebooting the targeted machine.
  • CVE-2024-43583 is an elevation of privilege vulnerability in Winlogon that could allow an attacker to gain SYSTEM-level access. In addition to installing the update, Microsoft recommends enabling a first-party Input Method Editor (IME) on the device to prevent issues with a third-party IME during login.

October 2024 Patch Tuesday Critical Vulnerabilities

The October 2024 Patch Tuesday update only contains three critical vulnerabilities, something we haven’t seen since the April update.

Microsoft Configuration Manager

CVE-2024-43468
Exploit: An unauthenticated attacker could use an SQL injection attack to execute unauthorized code or commands on the server or database. Customers using Configuration Manager versions 2303, 2309, and 2403 need to install an in-console update to ensure they are protected against the exploit.

Visual Studio Code

CVE-2024-43488
Exploit: Missing authentication in the Visual Studio Code extension for Arduino could allow an unauthenticated attacker to execute code using a network attack vector. Microsoft mitigated this vulnerability by deprecating the Arduino extension.

Remote Desktop Protocol Server

CVE-2024-43582
Exploit: An unauthenticated attacker could send malformed packets to a remote procedure call (RPC) host, allowing them to execute code on the server at the same level of permissions as the RPC service.

October 2024 Patch Tuesday Breakdown

The vulnerability categorization for October 2024 is as follows:

  • 42 Remote Code Execution (RCE)
  • 28 Elevation of Privileges (EoP)
  • 26 Denial of Service (DoS)
  • 7 Spoofing
  • 7 Security Feature Bypass (SFB)
  • 6 Information Disclosure
  • 1 Tampering

[Chart: October 2024 Patch Tuesday - Vulnerability by Type]
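As an added example (not code from the article, from Microsoft, or from the MSRC), the following Python script does the bookkeeping behind a breakdown like the one above: it groups a release's advisories by impact category with their share of the total, produces the headline counts (total, actively exploited, publicly disclosed, critical), and orders the CVEs for patching with actively exploited zero-days first, then publicly disclosed ones, then critical-rated bugs, then by CVSS. The sample records are constructed from the eight CVEs named in this article with the CVSS scores the article states; where the article gives no score the field is left as None, and the impact categories assigned to the critical bugs are taken from the article's descriptions.

```python
"""Patch Tuesday triage helper (added example, not the article's or Microsoft's code)."""
from collections import Counter
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Advisory:
    cve: str
    impact: str                 # Microsoft impact category ("Remote Code Execution", ...)
    cvss: Optional[float]       # base score; None where the article gives no score
    critical: bool = False      # Microsoft severity rating of Critical
    exploited: bool = False     # "Exploitation Detected" (actively exploited zero-day)
    disclosed: bool = False     # "Publicly Disclosed" zero-day


# Constructed sample: the eight CVEs named in the article, with the CVSS scores the
# article states. None marks scores the article does not give.
SAMPLE = [
    Advisory("CVE-2024-43572", "Remote Code Execution", 7.8, exploited=True),
    Advisory("CVE-2024-43573", "Spoofing", 6.5, exploited=True),
    Advisory("CVE-2024-6197", "Remote Code Execution", 8.8, disclosed=True),
    Advisory("CVE-2024-20659", "Security Feature Bypass", 7.1, disclosed=True),
    Advisory("CVE-2024-43583", "Elevation of Privilege", None, disclosed=True),
    Advisory("CVE-2024-43468", "Remote Code Execution", None, critical=True),
    Advisory("CVE-2024-43488", "Remote Code Execution", None, critical=True),
    Advisory("CVE-2024-43582", "Remote Code Execution", None, critical=True),
]


def breakdown(advisories: list[Advisory]) -> dict[str, tuple[int, float]]:
    """Count advisories per impact category and the percentage of the release each is."""
    counts = Counter(a.impact for a in advisories)
    total = len(advisories)
    return {impact: (n, round(100.0 * n / total, 1)) for impact, n in counts.most_common()}


def summarize(advisories: list[Advisory]) -> dict[str, int]:
    """Headline numbers a release note leads with: total, zero-days, critical."""
    return {
        "total": len(advisories),
        "exploited": sum(a.exploited for a in advisories),
        "disclosed": sum(a.disclosed for a in advisories),
        "critical": sum(a.critical for a in advisories),
    }


def priority_key(a: Advisory) -> tuple:
    # Actively exploited first, then publicly disclosed, then Critical rating, then CVSS.
    # A missing score sorts below any stated score.
    return (a.exploited, a.disclosed, a.critical, a.cvss or 0.0)


def prioritize(advisories: list[Advisory]) -> list[str]:
    """CVE ids in patch-first order; ties keep input order because sorted() is stable."""
    return [a.cve for a in sorted(advisories, key=priority_key, reverse=True)]


if __name__ == "__main__":
    print(summarize(SAMPLE))
    for impact, (n, pct) in breakdown(SAMPLE).items():
        print(f"{n:3d} {impact} ({pct}%)")
    print("patch order:", ", ".join(prioritize(SAMPLE)))
```

Running it on the full MSRC list for a month rather than this eight-record sample gives the category counts the article lists; the priority order is the part worth keeping, since the two actively exploited bugs (CVE-2024-43572 and CVE-2024-43573) come out ahead of the higher-scoring but only publicly disclosed CVE-2024-6197.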

Microsoft’s Security Response Center has a complete list of vulnerabilities, including the CVE number, base CVSS score and vector, potential for exploitability, and more.

Nancy Simeone
Nancy Simeone is an experienced digital marketer who embraces the challenge of finding insights hidden within endless streams of data. She attained her journalism degree just as "the Internet" was becoming mainstream and has enjoyed growing, evolving, and maturing with the platform formerly known as "new media." When she's not acting as Managing Editor of Spiceworks News & Insights, you can probably find her lost in an internet rabbit hole.