Microsoft and CrowdStrike Fix 71 Vulnerabilities, Including 1 Exploited Zero-Day in Windows – December 2024 Patch Tuesday
The December 2024 Patch Tuesday saw Microsoft fix 71 vulnerabilities, including a zero-day security flaw that was already being actively exploited. This Patch Tuesday is notably busy, with over twice the number of vulnerabilities addressed compared to December 2023, which had only 34 vulnerabilities fixed.
The teams at Microsoft and CrowdStrike identified 71 vulnerabilities, 16 of which are considered critical, mainly related to remote code execution flaws. These vulnerabilities affect critical components of Windows, such as Hyper-V, Windows LDAP, LSASS, Message Queuing, and Remote Desktop Services (RDS). Cybercriminals can exploit these flaws remotely, posing a significant risk to Windows 10 and Windows 11, including the 24H2 version.