Tripwire Patch Priority Index for December 2024
Tripwire’s December 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the list is a notice about Windows Common Log File System Driver (CLFS). CVE-2024-49138 impacts Windows CLFS, which Microsoft released a patch for in December 2024. This vulnerability has been detected as actively exploited and has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog. This vulnerability will be patched with the main Windows OS cumulative update for December. Administrators should consider the elevated risk to their organizations and move to patch Windows OSs as soon as possible.
Up next are patches Microsoft Word, Excel, Office, Access, and Publisher that resolve remote code execution and elevation of privilege vulnerabilities.
Up next are patches for Adobe Reader and Acrobat that resolve 6 vulnerabilities including code execution, denial of service, and memory leak (information disclosure) vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, CLFS, Cloud Files Mini Filter driver, Mobile Broadband Driver, PrintWorkflowUserSvc, Routing and Remote Access Service (RRAS), and others.
Lastly, administrators should focus on server-side patches for Hyper-V, DNS Server, System Center Operations Manager (SCOM), SharePoint, Remote Desktop Services, and Windows Lightweight Directory Access Protocol (LDAP). These patches resolve denial of service, remote code execution, information disclosure, and elevation of privilege vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Windows CLFS KEV | CVE-2024-49138 |
| Microsoft Office Word | CVE-2024-49065 |
| Microsoft Office Excel | CVE-2024-49069 |
| Microsoft Office | CVE-2024-43600, CVE-2024-49059 |
| Microsoft Office Access | CVE-2024-49142 |
| Microsoft Office Publisher | CVE-2024-49079 |
| Adobe Reader and Acrobat | CVE-2024-49534, CVE-2024-49533, CVE-2024-49532, CVE-2024-49531, CVE-2024-49535, CVE-2024-49530 |
| Windows | CVE-2024-49082, CVE-2024-49072, CVE-2024-49088, CVE-2024-49090, CVE-2024-49083, CVE-2024-49077, CVE-2024-49078, CVE-2024-49073, CVE-2024-49110, CVE-2024-49092, CVE-2024-49087, CVE-2024-49114, CVE-2024-49103, CVE-2024-49098, CVE-2024-49099, CVE-2024-49101, CVE-2024-49109, CVE-2024-49081, CVE-2024-49111, CVE-2024-49094, CVE-2024-49080, CVE-2024-49084, CVE-2024-49095, CVE-2024-49097, CVE-2024-49126, CVE-2024-49076, CVE-2024-49104, CVE-2024-49102, CVE-2024-49086, CVE-2024-49085, CVE-2024-49089, CVE-2024-49125, CVE-2024-49096, CVE-2024-49118, CVE-2024-49122, CVE-2024-49093, CVE-2024-49074 |
| System Center Operations Manager | CVE-2024-43594 |
| Role: Windows Hyper-V | CVE-2024-49117 |
| Microsoft Office SharePoint | CVE-2024-49068, CVE-2024-49062, CVE-2024-49064, CVE-2024-49070 |
| Windows Remote Desktop Services | CVE-2024-49129, CVE-2024-49120, CVE-2024-49106, CVE-2024-49123, CVE-2024-49128, CVE-2024-49119, CVE-2024-49108, CVE-2024-49115, CVE-2024-49116, CVE-2024-49075, CVE-2024-49132 |
| DNS Server | CVE-2024-49091 |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49124, CVE-2024-49113, CVE-2024-49121, CVE-2024-49112, CVE-2024-49127 |
