October 2024 [Experts Analyze a Long List of Spooky Vulnerabilities]

Episode 12 | Published October 8, 2024 | 21-minute watch

Summary

October 2024 Patch Tuesday brought a long list of RCEs, and the standouts share a theme of attacks turning back on the attacker. CVE-2024-38124 is a Windows Netlogon flaw that lets an attacker with LAN access impersonate a domain controller and reach domain admin. CVE-2024-43468 is an unauthenticated Configuration Manager RCE that points to memory-safety issues. The hosts flip the usual RDP story with CVE-2024-43533, a Remote Desktop Client RCE that enables back-hacks against scanners. The team closes on the CUPS print-daemon exposure on Linux and the macOS Sequoia 15.0 update that broke several security tools.