Microsoft’s October 2024 Patch Tuesday brings critical security updates, addressing 118 vulnerabilities, including five publicly disclosed zero-day flaws, with two actively exploited.
The patches include 43 remote code execution vulnerabilities and other critical fixes.
Two actively exploited zero-days are:
- CVE-2024-43573 – MSHTML Platform Spoofing Vulnerability.
- CVE-2024-43572 – Microsoft Management Console Remote Code Execution.
Other publicly disclosed vulnerabilities include:
- CVE-2024-6197 – Curl Remote Code Execution.
- CVE-2024-20659 – Hyper-V Security Feature Bypass.
- CVE-2024-43583 – Winlogon Elevation of Privilege.
Admins are urged to update immediately to mitigate these security risks.
