Microsoft security advisory – November 2024 monthly rollup (AV24–649)

Serial number: AV24-649
Date: November 13, 2024

On November 12, 2024, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

  • .NET 9.0
  • Azure CycleCloud – multiple versions
  • Azure Database for PostgreSQL Flexible Server – multiple versions and platforms
  • LightGBM
  • Microsoft 365 Apps for Enterprise
  • Microsoft Defender for Endpoint
  • Microsoft Excel 2016
  • Microsoft Exchange Server – multiple versions
  • Microsoft Office – multiple versions and platforms
  • Microsoft PC Manager
  • Microsoft SQL Server – multiple versions and platforms
  • Microsoft TorchGeo
  • Microsoft Visual Studio 2022 – multiple versions
  • Microsoft Word 2016
  • Python extension for Visual Studio Code
  • Windows 10 – multiple versions and platforms
  • Windows 11 – multiple versions and platforms
  • Windows Server – multiple versions and platforms
  • microsoft.com

Microsoft has indicated that CVE-2024-49039 and CVE-2024-43451 have been exploited.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

This alert was originated From: Canadian Centre for Cyber Security

https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-november-2024-monthly-rollup-av24-649

Leave a Reply

Your email address will not be published. Required fields are marked *