On Patch Tuesday, Windows systems will be updated with a flood of security fixes. In November, Windows patched four zero-day vulnerabilities, two of which have been exploited. Patch Tuesdays are a good time for admin teams to remind employees of the importance of keeping operating systems and applications up to date.

The other two zero days being patched are CVE-2024-49040, a flaw in Exchange rated “important” that could allow an attacker to spoof the email address of a sender, and CVE-2024-49019, an elevation of privileges flaw in Active Directory (AD) which an attacker could use to gain the powers of a domain admin.

Today is Microsoft' 2024 Patch Tuesday, which includes security updates for 91 flaws, including four zero-days, two of which are actively exploited.

It’s been another busy Patch Tuesday for system administrators, with Microsoft releasing updates for nearly 100 vulnerabilities, four of which are classed as zero-days. Microsoft classifies a zero-day flaw as a CVE that has been publicly disclosed or actively exploited before a patch is available.

The November 2024 Patch Tuesday updates for Windows 11 versions 24H2 and 23H2 make it possible to use the Copilot key on PCs that have one to open other apps.

These updates will be rolled out to all supported Windows 10 and Windows 11 PCs over the coming days. Apple is the last one to show up to the AI party, but how does its Clean Up tool compare to Samsung's Object Eraser?