Windows 11's October Patch Tuesday addresses at least five zero-day flaws

It’s that time of the month once again. Microsoft has now launched the monthly Patch Tuesday for October 2024.

On Patch Tuesday this month, Microsoft said that it’s addressing 118 security vulnerabilities, where five of them are zero-day flaws. These vulnerabilities affect a range of Microsoft products, including Windows, Microsoft Office, and Exchange Server.

Microsoft mentions that of these five zero-day vulnerabilities were actively exploited. CVE-2024-43573 is a spoofing vulnerability in the MSHTML platform, while CVE-2024-43572 allows remote code execution via malicious Microsoft Saved Console files.

The remaining three publicly disclosed vulnerabilities include CVE-2024-6197 (libcurl RCE flaw), CVE-2024-20659 (Hyper-V security bypass), and CVE-2024-43583 (Winlogon elevation of privilege).

As for Windows 11, Microsoft also launched KB5044284, KB5044285, and KB5044280 updates across 22H2, 23H2, and the latest, most AI-friendly edition, 24H2. These updates also address various security vulnerabilities and performance improvements, with notable fixes for issues related to the Windows shell, Microsoft Edge, and system reliability.

But still, there were some known issues. Microsoft mentions that some users of the 24H2 version may not be able to launch Roblox, which persisted even last month. Arm devices were unable to download and play the game via the Microsoft Store on Windows, so the only workaround is to download it directly from the game’s website.

As for the 23H3 and 22H2, there are no known issues reported.

You can download the updates via Settings > Windows Update.