Microsoft patches worrying zero-day along with 71 other flaws




  • Microsoft releases final Patch Tuesday update of 2024
  • It addresses 71 flaws, including an actively exploited zero-day
  • This type of flaw is often used in ransomware attacks, experts claim

Microsoft has released its December Patch Tuesday cumulative update, which includes a fix for a worrying zero-day vulnerability that was being actively exploited in the wild.

The bug is described as a heap-based buffer overflow vulnerability in the Windows Common Log File System driver. It is tracked as CVE-2024-49138, and can apparently be used to fully take over vulnerable systems.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *