December 2024 Security Patch Roundup: Critical Updates for Your Digital Estate

fahd.zafar • December 12, 2024

At Altiatech, we're committed to helping organisations secure their digital future. Our latest security advisory highlights critical patches and updates that require your immediate attention.

Microsoft's December Patch Tuesday

As a Microsoft Partner, we're closely monitoring Microsoft's latest security releases. This month brings 71 vulnerabilities, with 16 rated as Critical. Of particular concern is a zero-day vulnerability (CVE-2024-49138) in the Windows Common Log File System Driver that requires immediate attention.

Remote Desktop Services users should take particular note, with eleven new vulnerabilities patched - nine Critical and two Important. For organisations using Microsoft Entra (formerly Azure AD), we recommend reviewing these updates as part of your identity and access management strategy.

Adobe's Significant Update

Adobe has released updates for 16 applications, addressing 165 vulnerabilities. As part of our Modern Workspace solutions, we recommend prioritising these updates, particularly for creative teams using Adobe Creative Cloud applications.

Critical Updates from Key Security Vendors

Our strategic partnerships with leading security vendors allow us to provide comprehensive guidance on:

  • Palo Alto Networks' critical authentication bypass vulnerability (CVE-2024-0012)
  • Fortinet's eight new security patches
  • Cisco's December advisories
  • SAP's security notes affecting NetWeaver components

Industrial Control Systems Advisory

For our manufacturing and industrial sector clients, we're monitoring seven new security advisories affecting various ICS products. Our team can help assess your exposure and implement necessary updates.

Recommended Actions

Our security experts recommend:

  1. Immediate patching of actively exploited vulnerabilities
  2. Scheduled updates for Remote Desktop Services
  3. Comprehensive review of Adobe products in your environment
  4. Assessment of industrial control systems where applicable

How Altiatech Can Help

With our expertise in identity management through altIAM and our comprehensive cybersecurity services, we can help you:

  • Assess your current security posture
  • Implement critical patches
  • Manage your identity and access controls
  • Ensure compliance with security best practices

Take Action Now

Don't let your organisation's security be compromised. Our team of experts is ready to help secure your digital estate.

Contact Us


Trust Altiatech to keep your systems secure and compliant.

Russian Threat Actors Exploit OAuth to Target Ukrainian Support Networks

July 24, 2025
New sophisticated phishing campaign uses legitimate Microsoft infrastructure to bypass traditional security controls

Critical SharePoint Attack: Thousands of Organisations at Immediate Risk

July 22, 2025
Microsoft warns of active exploitation as attackers bypass MFA and steal cryptographic keys from on-premises SharePoint servers

UK Cyber Security Breaches Survey 2025: Key Findings

July 16, 2025
The latest Cyber Security Breaches Survey 2025, published by the Department for Science, Innovation and Technology and the Home Office, provides crucial insights into the current state of cyber security across UK businesses and charities. The findings reveal both progress and persistent challenges in the cyber security landscape.

Browser Extension Trojan Hits 2.3 Million Users: The Hidden Threat in Your Everyday Tools

July 15, 2025
In a sophisticated cyber operation dubbed "RedDirection," security researchers have uncovered one of the largest browser hijacking campaigns to date. Over 2.3 million Chrome and Edge users fell victim to malicious code hidden within seemingly innocent browser extensions – tools they trusted and used daily for productivity and entertainment.

Qantas Cyber Incident: 5.7 Million Customer Records Compromised

July 9, 2025
The recent Qantas data breach affecting 5.7 million customers highlights critical cybersecurity vulnerabilities that could impact any organisation

The Hidden Cyber Threat: Why Your Building's Smart Technology Could Be Your Biggest Security Risk

By fahd.zafar July 2, 2025
New research reveals that over 25% of UK buildings have been cyber-attacked in the past year – and the threat is growing exponentially

Moving Beyond Password Fatigue: Why Your Organisation Should Embrace Modern Authentication

By fahd.zafar June 24, 2025
The average employee manages over 80 passwords for work applications. Is it any wonder that "Password123!" remains one of the most common corporate passwords? Latest guidance on password managers and passkeys offer a timely reminder that the technology to solve our authentication challenges already exists – we just need to trust it.

The 23andMe Breach: How Not to Handle a Cyber Security Incident

By fahd.zafar June 20, 2025
The genetic testing company 23andMe has been handed a £2.31 million fine by the UK's Information Commissioner's Office (ICO) following a devastating data breach that exposed the personal information of seven million people worldwide. For cybersecurity professionals, this case offers sobering lessons about the catastrophic consequences of inadequate security practices.

Building a Cyber Security Culture That Works: Beyond Technology Solutions

By fahd.zafar June 18, 2025
Discover why sustainable cyber security depends on organisational culture, not just technology. Learn how to build security-minded cultures that empower people and reduce risk

Learning from Recent High-Profile Cyber Incidents

May 7, 2025
The recent cyber attack on Co-op stores serves as a stark reminder of how digital disruptions can quickly cascade into real-world consequences. With stores facing empty shelves, payment system failures, and compromised customer data, this incident highlights the critical importance of robust cybersecurity measures for all businesses, regardless of industry.