PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows
Microsoft's December 2024 Patch Tuesday addressed 71 vulnerabilities, including the actively exploited CVE-2024-49138, a critical flaw in the Windows Common Log File System (CLFS) driver. This heap-based buffer overflow allows a local attacker to escalate privileges to SYSTEM, and CISA has added it to its Known Exploited Vulnerabilities catalog.

Another severe vulnerability, CVE-2024-49112, affects the Windows Lightweight Directory Access Protocol (LDAP) service and poses a significant risk to domain controllers, with a CVSS score of 9.8. SafeBreach Labs later disclosed it as a zero-click vulnerability that can crash unpatched servers.

Microsoft released patches for the affected Windows versions and emphasized the importance of applying them promptly, restricting internet access for domain controllers, and maintaining comprehensive security measures across platforms.
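The two mitigations the advisory stresses, patching promptly and keeping domain controllers off the internet, can be audited on a host. The script below is an added example, not code from Microsoft or SafeBreach; it checks whether the machine is a domain controller, whether a given hotfix is installed, and whether the Windows Firewall blocks outbound traffic by default. The KB identifier is a placeholder that must be replaced with the December 2024 update for the host's Windows build, since the page does not list KB numbers.

```powershell
# Added example: audit a host for the two mitigations named in the advisory.
# Placeholder: replace with the December 2024 cumulative update KB for this build.
$RequiredKb = 'KB0000000'   # PLACEHOLDER, not a real identifier from the page

function Test-IsDomainController {
    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC
    $role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
    return ($role -eq 4 -or $role -eq 5)
}

function Test-HotfixInstalled {
    param([string]$KbId)
    # Get-HotFix writes an error when the KB is absent; treat that as "not installed"
    $hf = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue
    return ($null -ne $hf)
}

function Get-OutboundDefaultActions {
    # One entry per firewall profile (Domain, Private, Public)
    Get-NetFirewallProfile | Select-Object Name, DefaultOutboundAction
}

$isDc = Test-IsDomainController
Write-Host "Domain controller: $isDc"
Write-Host "Required update $RequiredKb installed: $(Test-HotfixInstalled -KbId $RequiredKb)"

if ($isDc) {
    # On a DC, the advisory's guidance is to restrict internet access; flag any profile
    # whose default outbound action is not Block so an operator can review it.
    foreach ($p in Get-OutboundDefaultActions) {
        $status = if ($p.DefaultOutboundAction -eq 'Block') { 'OK' } else { 'REVIEW' }
        Write-Host ("Firewall profile {0}: outbound default {1} [{2}]" -f $p.Name, $p.DefaultOutboundAction, $status)
    }
}
```

Run it in an elevated PowerShell session on the server being checked. A "REVIEW" result does not by itself mean the DC can reach the internet (an upstream proxy or perimeter firewall may already block it), but it is the host-level setting an operator would want to confirm against the advisory's recommendation.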