Always On VPN Security Updates December 2024

Microsoft released the December 2024 security updates earlier today, and there are a few important items that Windows Always On VPN administrators should take note of. Specifically, the December 2024 security update includes six CVEs affecting the Windows Server Routing and Remote Access Service (RRAS), commonly used for Always On VPN deployments.

RRAS Updates

This month’s updates for Windows Server RRAS cover the following publicly announced CVEs.

Importance

All of the security vulnerabilities outlined above are Remote Code Execution (RCE) and are rated Important. However, they all require local administrative rights for an attacker to leverage, reducing the risk of compromise. However, administrators are encouraged to update their systems as soon as possible.

Additional Information

Microsoft December 2024 Security Updates

Leave a comment
by Richard M. Hicks on December 10, 2024  •  Permalink
Posted in Always On VPN, AOVPN, Microsoft, Security Update, Update, VPN, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025
Tagged , , , , , , , , , , ,

Posted by Richard M. Hicks on December 10, 2024

https://directaccess.richardhicks.com/2024/12/10/always-on-vpn-security-updates-december-2024/

Previous Post
Next Post
Leave a comment

Leave a Reply

Discover more from Richard M. Hicks Consulting, Inc.

Subscribe now to keep reading and get access to the full archive.

Continue reading