Dec 31 2024 73 mins 9
Join us for a special bonus episode of Patch [FIX] Tuesday, an hour-long compilation of the vulnerabilities that help shaped the cybersecurity landscape in 2024.
This episode recaps some the most critical and interesting exploits, from supply chain compromises to elevation of privilege threats targeting widely used platforms. Whether you're an IT administrator, security professional, or tech enthusiast, this episode provides valuable insights to stay ahead of evolving threats.
Here’s a list of vulnerabilities discussed in this episode, and be sure to tune into the Patch [FIX] Tuesday podcast on the second Tuesday of every month.
- Operation Triangulation (00:13)
- CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability (5:00)
- CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability (11:00)
- CVE-2024-3094: XZ/Liblzma Supply Chain Backdoor (17:08)
- CVE-2024-4671: Google Chrome Use-After-Free Vulnerability (30:00)
- CVE-2024-30078: Windows WiFi Driver Remote Code Execution Vulnerability(35:03)
- CVE-2024-38053: Windows Layer Two Bridge Network RCE (47:14)
- CVE-2024-38180: SmartScreen Prompt Remote Code Execution Vulnerability (53:12)
- CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (1:00:00)
- CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability (1:04:24)
- CVE-2024-5535: Microsoft Defender for Endpoint Remote Code Execution Vulnerability (1:07:35)
- CVE-2024-49093: Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability (1:09:36)
