شرکت مایکروسافت در روز سهشنبه ۱۰ دسامبر ۲۰۲۴ ( ۲۰ آذر ماه ۱۴۰۳) اصلاحیههای امنیتی ماهانه خود را منتشر کرد. این اصلاحیه شامل بهروزرسانیهای امنیتی برای ۷۱ نقص است از جمله یک آسیبپذیری روز صفر که به طور فعال مورد سوءاستفاده قرار گرفته است.
جزئیات آسیبپذیری
پچ سهشنبه ماه دسامبر، ۱۶ آسیبپذیری حیاتی را برطرف میکند که همگی نقصهای اجرای کد از راه دور (RCE) هستند. تعداد باگها در هر رده از آسیبپذیریها به تفکیک به شرح زیر است:
- ۲۷ آسیبپذیری ارتقا سطح دسترسی
- ۳۰ آسیبپذیری اجرای کد از راه دور
- ۷ آسیبپذیری افشای اطلاعات
- ۵ آسیبپذیری منع سرویس
- ۱ آسیبپذیری جعل
📌 این تعداد شامل دو نقص Edge که قبلاً در ۵ و ۶ دسامبر رفع شده بودند، نمیشود.
جهت کسب اطلاعات بیشتر و دریافت و نصب وصلههای امنیتی ماه دسامبر، به سایت مایکروسافت مراجعه کنید.
آسیبپذیری روز صفر
اصلاحیههای امنیتی این ماه، یکی از آسیبپذیریهای روز صفر را که به طور فعال تحت اکسپلویت قرار گرفته و به طور عمومی فاش شده بود، برطرف میکند.
[CVE-2024-49138]
آسیبپذیری ارتقا سطح دسترسی Windows Common Log File System Driver با شناسه CVE-2024-49138 و امتیاز CVSS:7.8
مایکروسافت روز صفری را که به طور فعال مورد سوءاستفاده قرار میگیرد، برطرف کرده است که به نفوذگران اجازه میدهد دسترسی SYSTEM در دستگاههای ویندوز را به دست آورند. هیچ اطلاعاتی در مورد نحوه استفاده از این نقص در حملات منتشر نشده است.
در زیر لیست کامل آسیبپذیریهای برطرف شده در بهروزرسانیهای Patch Tuesday در دسامبر 2024 آمده است. جزئیات مربوط به آسیبپذیریهای ارائه شده در جدول زیر قابل مشاهده است:
| عنوان | شناسه آسیبپذیری (CVE ID) | عنوان آسیبپذیری ( CVE title) | شدت |
|---|---|---|---|
| GitHub | CVE-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | Important |
| Microsoft Defender for Endpoint | CVE-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2024-12053 | Chromium: CVE-2024-12053 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2024-49041 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Office | ADV240002 | Microsoft Office Defense in Depth Update | Moderate |
| Microsoft Office | CVE-2024-49059 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2024-43600 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office Access | CVE-2024-49142 | Microsoft Access Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2024-49069 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Publisher | CVE-2024-49079 | Input Method Editor (IME) Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49064 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49062 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49068 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2024-49070 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2024-49065 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2024-49091 | Windows Domain Name Service Remote Code Execution Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2024-49117 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| System Center Operations Manager | CVE-2024-43594 | System Center Operations Manager Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2024-49114 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2024-49090 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows File Explorer | CVE-2024-49082 | Windows File Explorer Information Disclosure Vulnerability | Important |
| Windows IP Routing Management Snapin | CVE-2024-49080 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Important |
| Windows Kernel | CVE-2024-49084 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel-Mode Drivers | CVE-2024-49074 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49121 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49124 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49112 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49113 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2024-49127 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical |
| Windows Local Security Authority Subsystem Service (LSASS) | CVE-2024-49126 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49118 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49122 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2024-49096 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49073 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49077 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49083 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49092 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49087 | Windows Mobile Broadband Driver Information Disclosure Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49110 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows Mobile Broadband | CVE-2024-49078 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2024-49095 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2024-49097 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop | CVE-2024-49132 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49115 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49116 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49123 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49129 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2024-49075 | Windows Remote Desktop Services Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2024-49128 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49106 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49108 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49119 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2024-49120 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Resilient File System (ReFS) | CVE-2024-49093 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49085 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49086 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49089 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49125 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49104 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2024-49102 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Task Scheduler | CVE-2024-49072 | Windows Task Scheduler Elevation of Privilege Vulnerability | Important |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2024-49076 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49081 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49103 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49111 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49109 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49101 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49094 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49098 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2024-49099 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |
| WmsRepair Service | CVE-2024-49107 | WmsRepair Service Elevation of Privilege Vulnerability | Important |
