Microsoft’s November Patch Tuesday Delivers Critical Security Fixes Across Windows 10 and 11
In a significant move to strengthen system security and enhance user experience, Microsoft has rolled out its November 2024 Patch Tuesday updates across Windows 10 and Windows 11 platforms. The updates address multiple critical vulnerabilities and introduce new features that improve system functionality.
Critical security fixes take center stage
Two zero-day flaws, already exploited in the wild, are among the 89 security vulnerabilities addressed in the November update batch. The most concerning of these is CVE-2024-49039, a Windows Task Scheduler bug that could allow attackers to gain elevated system privileges. Google’s Threat Analysis Group discovered this vulnerability, highlighting the urgent need for patching.
Another actively exploited vulnerability, CVE-2024-43451, poses a serious threat by potentially exposing Net-NTLMv2 hashes used for Windows authentication. This flaw could enable attackers to perform “pass-the-hash” attacks, letting them pose as legitimate users without knowing actual passwords.
Windows 10 Updates: KB5046613
The Windows 10 KB5046613 update brings ten significant changes, including:
- The Start menu now features a new Microsoft account manager.
- Fixes for multi-function printer issues
- Enhanced protection against BYOVD (Bring Your Own Vulnerable Driver) attacks
- Resolution for scanner driver installation problems
- Fixes for virtual machine switching errors
After installation, Windows 10 22H2 users will see their build number updated to 19045.5131, while 21H2 users will move to build 19044.5131.
Windows 11 Improvements: KB5046617 and KB5046633
Windows 11 users receive substantial improvements through the KB5046617 (24H2) and KB5046633 (23H2) updates. Key enhancements include:
- Fixed black screen issues during Alt-Tab switching
- Improved Task Manager process counting
- New Copilot key configuration options
- Enhanced notification management features
- The Wi-Fi password dialog has been updated with a modern Windows 11 design.
- Better management of battery life during modern standby is necessary.
The 24H2 version moves to build 26100.2314, while 23H2 updates to build 22631.4460.
Windows Domain Security Enhancement
A particularly noteworthy fix addresses CVE-2024-43602, a remote code execution vulnerability in Windows Kerberos. This update is crucial for enterprise networks using Windows domains, as it patches a critical weakness in the authentication protocol that could potentially give attackers access to domain controllers.
Urgent action is required
Security experts strongly recommend immediate installation of these updates due to the presence of actively exploited vulnerabilities. Users can install the updates through Windows Update or download them manually from the Microsoft Update Catalog.
How to Update
To install these updates:
- Open Settings
- Click on Windows Update.
- Select ‘Check for Updates.’
- Allow the system to download and install the updates.
- Restart your computer when prompted.
For enterprise users, IT administrators should carefully test these updates in a controlled environment before widespread deployment, given the comprehensive nature of the changes.
The November 2024 Patch Tuesday represents one of Microsoft’s most significant security updates this year, addressing critical vulnerabilities while introducing useful feature improvements across both Windows 10 and Windows 11 platforms. We urge users to update their systems promptly to maintain security and take advantage of the latest enhancements.