logo
Home/CVEs/CVE-2024-49039/

CVE-2024-49039 - Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Project:Microsoft

Product:Windows

Date Added:2024-11-12Due Date:2024-12-03

Vulnerability Name

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Description

Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039

https://nvd.nist.gov/vuln/detail/CVE-2024-49039

Related News Articles

Mozilla warns Windows users of critical Firefox sandbox escape flawMarch 27, 2025

Firefox and Windows zero-days exploited by Russian RomCom hackersNovember 26, 2024

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated CyberattacksNovember 26, 2024

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler BugsNovember 13, 2024