{"id":61732,"date":"2024-12-16T12:08:38","date_gmt":"2024-12-16T12:08:38","guid":{"rendered":"https:\/\/www.n-able.com\/?p=61732"},"modified":"2024-12-16T12:11:35","modified_gmt":"2024-12-16T12:11:35","slug":"patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","title":{"rendered":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025"},"content":{"rendered":"

The last Patch Tuesday of 2024 brings holiday surprises in the form of an unpatched zero-day vulnerability that has been present in the Windows OS since Windows 7. However, there is a fix for another zero-day vulnerability affecting the Windows Common Log File System and mitigation recommendations for multiple vulnerabilities. While there are only 71 vulnerabilities being addressed this month through cumulative and security updates some significant considerations will need to be given to the Microsoft recommended mitigations associated with the unpatched vulnerability. <\/span><\/p>\n

Microsoft Vulnerabilities <\/span><\/h2>\n

A total of 71 vulnerabilities were addressed with fixes for December\u2019s Patch Tuesday. Included in those are fixes for one zero-day vulnerability that is marked as publicly disclosed and Under Active Exploitation, along with a CVSS 9.8 vulnerability affecting Lightweight Directory Access Protocol (LDAP) that should be receiving attention from all system administrators. Within this month\u2019s release notes Microsoft also released mitigation guidance on patched and an unpatched vulnerabilities that will require review, these include:<\/span><\/p>\n

CVE-2024-49112<\/a><\/span><\/strong> is a remote code execution vulnerability affecting the Windows Lightweight Directory Access Protocol (LDAP) carrying a CVSS of 9.8. As this vulnerability is present in practically all Windows OS builds since Windows Server 2008 it will likely become common for threat actors and malware to begin taking advantage of this vulnerability once proof of concept is released, or the fixes are reversed engineered by security researchers or threat actors. As exploitation of this vulnerability would allow a remote unauthenticated attacker to execute arbitrary code against LDAP server services it will be important to apply this patch in a timely manner or follow Microsoft\u2019s recommended mitigations for this vulnerability to \u201censure that domain controllers are configured either to not access the internet or to not allow inbound RPC from untrusted networks\u201d.<\/span><\/p>\n

CVE-2024-49138<\/a><\/span><\/strong> Windows Common Log File System Driver privilege elevation is the zero-day vulnerability that is under current exploitation in the wild. This vulnerability affects all Windows systems since Server 2008 and while it is marked only as Important, because this vulnerability is Under Active Exploitation it should be prioritized.<\/span><\/p>\n

Also important in the discussion of this month\u2019s batch of vulnerability fixes is that security researchers from ACROS Security<\/a> reported the discovery of a zero-day NTLM Hash disclosure vulnerability that affects all version of Windows since Windows 7 and Server 2008 R2. While Microsoft has been made aware of the vulnerability and the researchers are not releasing information on the vulnerability until Microsoft has had time to address it, this will be months away. In the meantime, threat actors and other security researchers are sure to be picking apart any information available to reverse engineer the micropatch provided by ACROS Security through their 0patch platform. Microsoft has provided guidance on how to combat NTLM-based attacks through the use of Extend Protection for Authentication<\/a>. \u00a0<\/span><\/p>\n

Microsoft Patch Tuesday Vulnerability Prioritization<\/strong><\/h2>\n

Addressing vulnerabilities effectively requires a mix of adhering to established best practices and leveraging informed judgment. While it\u2019s a natural instinct to rank vulnerabilities with critical severity ratings higher on the list of things that need to be addressed, relying on severity ratings alone can be limiting. An often-overlooked component is temporal metrics, which provide a measure of the window of vulnerability\u2014the time from initial vulnerability discovery to the availability and application of the patch. This is essential as the longer a vulnerability exists without a fix, the greater the potential for exploitation. By integrating temporal metrics into the risk evaluation process, organizations can gain a more comprehensive understanding of the threat landscape and potential attack vectors, ensuring that they don\u2019t leave themselves open to unnecessary risks.<\/p>\n

Table Key:\u00a0Severity:\u00a0C = Critical, I = Important, M = Moderate, R = Re-issue;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0EU = Exploitation Unlikely, N\/A = Not Available<\/em><\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
\n

CVE Number<\/b><\/span><\/p>\n<\/td>\n

\n

\u00a0<\/b><\/span><\/p>\n<\/td>\n

\n

CVE Title<\/b><\/span><\/p>\n<\/td>\n

\n

\u00a0<\/b><\/span><\/p>\n<\/td>\n

\n

Severity<\/b><\/span><\/p>\n<\/td>\n

\n

\u00a0<\/b><\/span><\/p>\n<\/td>\n

\n

Status<\/b><\/span><\/p>\n<\/td>\n<\/tr>\n

CVE-2024-49138<\/a><\/td>\n<\/td>\nWindows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nED<\/td>\n<\/tr>\n
CVE-2024-49128<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49127<\/a><\/td>\n<\/td>\nWindows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49118<\/a><\/td>\n<\/td>\nMicrosoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49116<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49112<\/a><\/td>\n<\/td>\nWindows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49132<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49126<\/a><\/td>\n<\/td>\nWindows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49124<\/a><\/td>\n<\/td>\nLightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49123<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49120<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49119<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49117<\/a><\/td>\n<\/td>\nWindows Hyper-V Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49115<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49108<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49106<\/a><\/td>\n<\/td>\nWindows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nELL<\/td>\n<\/tr>\n
CVE-2024-49122<\/a><\/td>\n<\/td>\nMicrosoft Message Queuing (MSMQ) Remote Code Execution Vulnerability<\/td>\n<\/td>\nC<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n
CVE-2024-49114<\/a><\/td>\n<\/td>\nWindows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n
CVE-2024-49090<\/a><\/td>\n<\/td>\nWindows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n
CVE-2024-49088<\/a><\/td>\n<\/td>\nWindows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n
CVE-2024-49093<\/a><\/td>\n<\/td>\nWindows Resilient File System (ReFS) Elevation of Privilege Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n
CVE-2024-49070<\/a><\/td>\n<\/td>\nMicrosoft SharePoint Remote Code Execution Vulnerability<\/td>\n<\/td>\nI<\/td>\n<\/td>\nEML<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Summary<\/strong><\/h2>\n

As always make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your\u00a0Patch Management\u00a0routines.<\/p>\n

Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Reviews, then check out\u00a0the\u00a0Patch Management section of our blog<\/a>.<\/strong><\/p>\n

Lewis Pope is the Head Security Nerd at N\u2011able. You can follow him on Twitter:\u00a0<\/em>@cybersec_nerd<\/em><\/a><\/p>\n

LinkedIn:\u00a0thesecuritypope<\/a><\/em><\/p>\n

Twitch:\u00a0cybersec_nerd<\/a>\u00a0<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

The last Patch Tuesday of 2024 brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Lewis Pope investigates.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-61732","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"\nPatch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able<\/title>\n<meta name=\"description\" content=\"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able\" \/>\n<meta property=\"og:description\" content=\"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-16T12:08:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-16T12:11:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2024\/10\/Patch-Tuesday_Header_V3.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025\",\"datePublished\":\"2024-12-16T12:08:38+00:00\",\"dateModified\":\"2024-12-16T12:11:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\"},\"wordCount\":1017,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\",\"url\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\",\"name\":\"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\"},\"datePublished\":\"2024-12-16T12:08:38+00:00\",\"dateModified\":\"2024-12-16T12:11:35+00:00\",\"description\":\"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/pt-br\/blog\/category\/head-nerds-pt-br\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/pt-br?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able","description":"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","og_locale":"pt_BR","og_type":"article","og_title":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able","og_description":"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...","og_url":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2024-12-16T12:08:38+00:00","article_modified_time":"2024-12-16T12:11:35+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2024\/10\/Patch-Tuesday_Header_V3.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Lewis Pope","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025","datePublished":"2024-12-16T12:08:38+00:00","dateModified":"2024-12-16T12:11:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025"},"wordCount":1017,"publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","url":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025","name":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025 - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br#website"},"datePublished":"2024-12-16T12:08:38+00:00","dateModified":"2024-12-16T12:11:35+00:00","description":"December's Patch Tuesday brings holiday surprises, including 71 vulnerabilities being addressed but with one notable absence. Find out more...","breadcrumb":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2024-no-patch-for-new-ntlm-zero-day-until-april-2025#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/pt-br\/blog\/category\/head-nerds-pt-br"},{"@type":"ListItem","position":2,"name":"Patch Tuesday December 2024: No Patch for New NTLM Zero-Day Until April 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/pt-br#website","url":"https:\/\/www.n-able.com\/pt-br","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/pt-br?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/pt-br#organization","name":"N-able","url":"https:\/\/www.n-able.com\/pt-br","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/61732","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/comments?post=61732"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/61732\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/media?parent=61732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}