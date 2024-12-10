Microsoft releases the December 2024 security updates for Windows
Welcome to the last Windows security updates overview of 2024. Microsoft released security updates for Windows, Office, and other company products today.
Our monthly guide helps home users and system administrators alike, as it provides an overview of the released security updates. It furthermore includes information about known issues, non-security updates, links to support pages, and download links among other useful information.
Good to know: Microsoft has recently pushed an update to devices that are no longer supported and the current version of Windows 10. These are designed to notify users about the support status and to push feature updates, if available.
Microsoft Windows Security Updates: October 2024
You may download the following Excel spreadsheet to get a list of released updates. Click on the following link to download the archive to the local device: Windows Security Updates December 2024
Executive Summary
- Microsoft released a total of 72 security updates for various Microsoft products and 1 security update for non-Microsoft issues (e.g. Chromium).
- Windows clients with issues are:
- Windows 11 version 22H2, 23H2, and 24H2
- Windows Server clients with issues:
- Windows Server 2008
- Windows Server 2025
- Windows 11, version 22H2, Home and Pro, have reached end of support. Microsoft will force upgrade devices to newer Windows versions.
Product overview
Each supported version of Windows and their critical vulnerabilities are listed below.
- Windows 10 version 22H2: 44 vulnerabilities, 8 critical, 36 important
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49112
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49118
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49122
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49123
- Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability -- CVE-2024-49124
- Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability -- CVE-2024-49126
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49127
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49132
- Windows 11 version 22H2 and 23H2: 44 vulnerabilities, 9 critical, 35 important
- Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2024-49117
- Plus the critical fixes of Windows 10 version 22H2
- Windows 11 version 24H2: 45 vulnerabilities, 9 critical, 46 important
- same as 22H2 / 23H2.
Windows Server products
- Windows Server 2008 R2 (extended support only): 22 vulnerabilities: 6 critical, 16 important
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49112
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49122
- Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability -- CVE-2024-49124
- Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability -- CVE-2024-49126
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49118
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49127
- Windows Server 2012 R2 (extended support only): unknown
- Windows Server 2016: 33 vulnerabilities: 13 critical, 20 important
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49106
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49108
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49112
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49115
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49116
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49118
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49119
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49120
- Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability -- CVE-2024-49122
- Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability -- CVE-2024-49124
- Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability -- CVE-2024-49126
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2024-49127
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49128
- Windows Server 2019: 56 vulnerabilities: 15 critical, 41 important
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49123
- Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2024-49132
- Plus updates for all critical issues of Windows Server 2016
- Windows Server 2022: 41 vulnerabilities: 16 critical, 25 important
- Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2024-49117
- Plus updates for all critical issues of Server 2019 and 2016.
- Windows Server 2025: 57 vulnerabilities: 16 critical, 41 important
- Same as Windows Server 2022-
Windows Security Updates
Windows 10 version 22H2
- Support Page: KB5048652
Updates and improvements:
- Security fixes.
- Fixed an issue that prevented Windows activation after replacing the motherboard.
- Updates Country and Operator Settings Assets.
- Fixed an IPP USB printer issue.
Windows 11 version 22H2 and 23H2
- Support Page: KB5048685
Updates and improvements:
- Security fixes.
- Tailored Experiences is now Personalized offers in the Out of box experience. Turn off under Settings > Privacy & Security.
- System Tray shows a shorter date and time. For date, the year is removed. For time, am/pm is removed. Can be restored under Settings > Date and Time.
- Start menu apps support jumplists now. Reveal with a right-click. Hold down the Shift-click before right-clicking to start as admin.
- New options for touchscreen edge gestures to turn off left or right screen edge gestures. Configure under Settings > Bluetooth & devices > Touch.
- IME Toolbar hides when apps are in full screen mode.
- File Explorer option to share content to Android devices. Requires the Phone Link app for PC.
- Dynamic Lighting got some new effects. Also placeholder if no compatible devices were found.
- Speech-to-text and Text-to-speech improvements. Needs an update via Microsoft Store, which is displayed to the user, if the update is required.
- Plenty of non-security fixes.
Windows 11 version 24H2
- Support page: KB5048667
Updates and improvements:
- Same as Windows 11 23H2.
Windows Security updates
- 2024-12 Cumulative Update for Windows 10 Version 1507 (KB5048703)
- 2024-12 Cumulative Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5048652)
- 2024-12 Security Monthly Quality Rollup for Windows Server 2008 (KB5048710)
- 2024-12 Security Only Quality Update for Windows Server 2008 (KB5048744)
- 2024-12 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5048676)
- 2024-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5048695)
- 2024-12 Security Monthly Quality Rollup for Windows Server 2012 (KB5048699)
- 2024-12 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5048735)
- 2024-12 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5048671)
- 2024-12 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5048661)
- 2024-12 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5048654)
- 2024-12 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5048800)
Known Issues
Windows 11 version 22H2 and 23H2
- (OLD) OpenSSH may fail to start, which prevents SSH connections.
- Workaround: Microsoft suggests updating permissions to temporarily address the issue. Instructions found here.
Windows 11 version 24H2
- (OLD) Players on ARM devices may not be able to play Roblox via the Microsoft Store.
- Workaround: download and play the title directly from the developer website.
Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates
Microsoft Office Updates
You find Office update information here.
How to download and install the December 2024 security updates
Important updates, including most security updates, get downloaded and installed automatically on most unmanaged Windows devices. This includes the majority of home devices.
Home administrators may run a manual check for updates. Note that this may also reveal Feature Updates that are available for the PC.
Step-by-step instructions:
- Open the Start menu, type Windows Update, and select the result.
- Activate the "check for updates" button. This runs a manual check for updates.
- Activate the "download & install all" button, if the update is not downloaded automatically.
Updates are also published on the Microsoft Catalog website. You find them linked below.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 version 22H2
- KB5048652 -- 2024-12 Cumulative Update for Windows 10 Version 21H2
Windows 11 version 22H2
- KB5048685 -- 2024-12 Cumulative Update for Windows 11 version 22H2
- KB5048685 -- 2024-12 Cumulative Update for Windows 11 version 23H2
Windows 11 version 24H2
- KB5048667 -- 2024-12 Cumulative Update for Windows 11 version 24H2
Additional resources
- December 2024 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 24H2 Update History
- Windows 11 23H2 Update History
- Windows 10 Update History
Comments
As always, I’ve delayed the updates on my machines by a few days to let the rest of the world debug them first. Your help is appreciated.
On the nvme, the update only takes around 10 minutes. On a conventional hard drive, it takes about an hour. Is it always this way?
On Windows 10 a critical safety issue was apparently my desktop background picture, so Microsoft switched that to a picture via Windows Spotlight instead. We can now be sure that they have found a way to monetize Windows Spotlight and also included telemetry and dataharvesting into that “feature”.