Announcement: Cythera has joined forces with Bastion Security Group. Learn more
14 Nov / 2024
Cyber Security
CVE-2024-43639
The Kerberos Authentication system in Windows Server 2012, 2016, 2019, 2022, 2025 (Server Core included)
What has happened?
Microsoft have released an update and advisory as part of the November Patching Cycle for the new vulnerability CVE-2024-43639.
This vulnerability has been assigned the CVSS 3 score of 9.8/10. The vulnerability allows an unauthenticated attacker to use a specially crafted application to leverage a cryptographic protocol vulnerability in Windows Kerberos to perform remote code execution against the target. This process does not require any user interaction and there are no workarounds to mitigate this vulnerability.
The remediation for this vulnerability is to apply the November Monthly Rollup Security updates relevant to the version of Windows Server being patched. Microsoft advise that there is no evidence of this being exploited in the wild, but it is expected that this vulnerability will be reverse engineered and weaponised.
Microsoft’s advisory for this specific vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43639
Rapid7’s analysis for this patch cycle: https://www.rapid7.com/blog/post/2024/11/12/patch-tuesday-november-2024/
CrowdStrike’s analysis for this patch cycle: https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-november-2024/
Cythera is actively monitoring for exposure and exploitation activity for MDR and Vulnerability Management clients.
PaperCut Vulnerability - CVE-2023-27350, CVE-2023-27351
PaperCut MF & PaperCut NG VulnerabilitiesCVE: CVE-2023-27350, CVE-2023-27351 WHAT IS VULNERABLE? PaperCut MF or NG version 8.0 or later, on a…
Read MoreUnlocking Growth Through Security: Operationalising MDR for Australian Organisations
Australian small and medium-sized enterprises (SMEs) are at a critical juncture regarding cybersecurity. Recent data shows that 60% of Australia…
Read MoreCyber Insurance And Penetration Testing: How Australian Businesses Can Mitigate Cyber Risk
Cyber Insurance And Penetration Testing: How Australian Businesses Can Mitigate Cyber RiskIn the early 2000s, cyber insurance was a relatively n…
Read More