Application Management and Patching

October 2024 Third-Party Patches

Topics: Application Management and Patching

October was a busy month for vulnerabilities. According to Recast Application Workspace data, 96 products were vulnerable and patched during the last month. Vendors released new versions of their applications to remediate 181 vulnerabilities—over 100 more than in September. In total, 25 software vendors released 169 updates. 

Notable Vulnerabilities in October 2024 Third-Party Patches

Mozilla Fixes Zero-Day Vulnerability in Firefox 

Mozilla fixed a zero-day vulnerability, CVE-2024-9680, in Firefox that was actively exploited in attacks. The vulnerability exists in the Animation Timelines, which are part of Firefox’s Web Animations API that controls and synchronizes animations on web pages. Attackers have been able to achieve code execution in the content process by exploiting this vulnerability in the latest Firefox standard release as well as the Extended Support Releases (ESR). Mozilla released a security advisory regarding this vulnerability on October 9, 2024. The CVSS rating for this vulnerability is 9.8. 

Mozilla also patched several other critical vulnerabilities—CVE-2024-9392, CVE-2024-9401, CVE-2024-10467, CVE-2024-10468, and CVE-2024-9402—in their October releases. For more information, please see the following security advisories released by Mozilla: 

Electron Framework Addresses Zero-Day Vulnerability 

The OpenJS Foundation and Electron contributors fixed another zero-day vulnerability, CVE-2024-7965, in their product Electron. The Electron framework allows developers to build cross-platform desktop applications using web technologies by combining Chromium for rendering and Node.js for backend functionality. This vulnerability was already remediated in Google Chrome and Microsoft Edge in August. More information about the remediation can be found in the release notes of Electron

Browser Security Updates in October 2024 

October saw significant updates to major web browsers: 

  • Google Chrome was updated five times, addressing 25 vulnerabilities
  • Microsoft Edge released patches for 62 vulnerabilities across six updates. 
  • Brave Browser had five releases, remediating 23 vulnerabilities in total. 
  • Firefox was updated four times, patching 15 vulnerabilities
  • Firefox ESR 115 released three updates, patching 8 vulnerabilities
  • Firefox ESR 128 released three updates, patching 22 vulnerabilities
  • Vivaldi released only one version, patching 2 vulnerabilities

Microsoft Product Updates Included in October 2024 Third-Party Patches 

In addition to Edge, Microsoft released updates for the following products: 

  • Microsoft .NET Runtime 6.0 
  • Microsoft .NET Runtime 8.0 
  • Microsoft .NET SDK 6.0 
  • Microsoft .NET SDK 8.0 
  • Microsoft 365 Apps 
  • Microsoft ASP.NET Core Runtime 6.0 
  • Microsoft ASP.NET Core Runtime 8.0 
  • Microsoft ASP.NET Core Runtime Hosting Bundle 6.0 
  • Microsoft ASP.NET Core Runtime Hosting Bundle 8.0 
  • Microsoft Edge Beta 
  • Microsoft Edge for Business 
  • Microsoft Edge Webview2 Runtime 
  • Microsoft Remote Desktop 
  • Microsoft Visual Studio 2017 Community 
  • Microsoft Visual Studio 2017 Enterprise 
  • Microsoft Visual Studio 2017 Professional 
  • Microsoft Visual Studio 2019 Community 
  • Microsoft Visual Studio 2019 Enterprise 
  • Microsoft Visual Studio 2019 Professional 
  • Microsoft Visual Studio 2022 Community 
  • Microsoft Visual Studio 2022 Enterprise 
  • Microsoft Visual Studio 2022 Professional 
  • Microsoft Visual Studio Code 
  • Microsoft Visual Studio Feedback Client 2017 
  • Microsoft Visual Studio Team Explorer 2017 
  • Microsoft Visual Studio Team Explorer 2019 
  • Microsoft Visual Studio Team Explorer 2022 
  • Microsoft Windows Desktop Runtime 6.0 
  • Microsoft Windows Desktop Runtime 8.0 
  • OpenJDK 11 
  • OpenJDK 17 
  • OpenJDK 21 

Detailed List of October 2024 Third-Party Patches 

For a complete list of applications, versions, and the number of remediated vulnerabilities, see the table below generated using Application Workspace data.  

Product Version Vulnerabilities remediated 
Akeo Consulting Rufus 4.6 
Amazon Corretto JDK 11 11.0.25.9.1 
Amazon Corretto JDK 17 17.0.13.11.1 
Amazon Corretto JDK 21 21.0.5.11.1 
Amazon Corretto JDK 23 23.0.1.8.1 
Amazon Corretto JDK 8 8.432.06.1 
Amazon Corretto JRE 8 8.432.06.1 
Autodesk AutoCAD 2024 2024.1.6 
Autodesk AutoCAD LT 2024 2024.1.6 
Autodesk AutoCAD LT 2025 2025.1.1 21 
Brave Browser 1.70.123 
Brave Browser 1.70.126 
Brave Browser 1.71.114 13 
Brave Browser 1.71.118 
Brave Browser 1.71.121 
Burp Suite Community Edition 2024.9 14 
Burp Suite Community Edition 2024.9.1 
Burp Suite Community Edition 2024.9.3 14 
Burp Suite Community Edition 2024.9.4 
Burp Suite Professional Edition 2024.9 14 
Burp Suite Professional Edition 2024.9.1 
Burp Suite Professional Edition 2024.9.3 14 
Burp Suite Professional Edition 2024.9.4 
Cisco Webex Teams 44.10.1.31028 
Cisco Webex VDI Plugin 44.10.1.31028 
Datadog Agent 7.58.0 
Docker Desktop 4.34.3 
Docker Desktop 4.34.3.170107 
Eclipse Temurin JDK with Hotspot 21 21.0.5.11 
Eclipse Temurin JRE with Hotspot 21 21.0.5.11 
Electron 31.7.1 
Electron 31.7.2 15 
Electron 32.2.1 
Electron 32.2.2 
EnterpriseDB Corporation PostgreSQL 12 12.20.2 
EnterpriseDB Corporation PostgreSQL 13 13.16.2 
EnterpriseDB Corporation PostgreSQL 14 14.13.2 
EnterpriseDB Corporation PostgreSQL 15 15.8.2 
EnterpriseDB Corporation PostgreSQL 16 16.4.2 
Foxit PDF Editor 11 11.1.10.1010 
Foxit PDF Editor 11 11.2.11.54113 22 
Foxit PDF Editor 12 12.1.6.55574 
Foxit PDF Editor Pro 11 11.2.11.54113 22 
Google Chrome for Business 129.0.6668.101 
Google Chrome for Business 129.0.6668.90 
Google Chrome for Business 130.0.6723.59 13 
Google Chrome for Business 130.0.6723.70 
Google Chrome for Business 130.0.6723.92 
Liberica JDK 11.0.25.11 
Liberica JDK 17.0.13.12 
Liberica JDK 8.0.432.7 
Liberica JDK Lite 21.0.5.11 
Liberica JRE 21.0.5.11 
Microsoft .NET Runtime 6.0 6.0.35 
Microsoft .NET Runtime 6.0 6.0.35.34109 
Microsoft .NET Runtime 8.0 8.0.10 
Microsoft .NET Runtime 8.0 8.0.10.34116 
Microsoft .NET SDK 6.0 6.0.35 
Microsoft .NET SDK 6.0 6.4.2724.46902 
Microsoft .NET SDK 8.0 8.0.403 
Microsoft .NET SDK 8.0 8.4.324.47413 
Microsoft 365 Apps 2402 (Build 16.0.17328.20612) 
Microsoft 365 Apps 2408 (Build 16.0.17928.20216) 
Microsoft 365 Apps 2409 (Build 16.0.18025.20140) 
Microsoft ASP.NET Core Runtime 6.0 6.0.35 
Microsoft ASP.NET Core Runtime 6.0 6.0.35.24462 
Microsoft ASP.NET Core Runtime 8.0 8.0.10 
Microsoft ASP.NET Core Runtime 8.0 8.0.10.24468 
Microsoft ASP.NET Core Runtime Hosting Bundle 6.0 6.0.35.24462 
Microsoft ASP.NET Core Runtime Hosting Bundle 8.0 8.0.10.24468 
Microsoft Edge Beta 130.0.2849.46 27 
Microsoft Edge Beta 130.0.2849.46 25 
Microsoft Edge for Business 129.0.2792.79 
Microsoft Edge for Business 129.0.2792.89 
Microsoft Edge for Business 130.0.2849.46 27 
Microsoft Edge for Business 130.0.2849.46 25 
Microsoft Edge for Business 130.0.2849.56 
Microsoft Edge for Business 130.0.2849.68 
Microsoft Edge Webview2 Runtime 130.0.2849.56 
Microsoft Remote Desktop 1.2.5709.0 
Microsoft Visual Studio 2017 Community 15.9.35324.217 
Microsoft Visual Studio 2017 Enterprise 15.9.35324.217 
Microsoft Visual Studio 2017 Professional 15.9.35324.217 
Microsoft Visual Studio 2019 Community 16.11.35325.158 
Microsoft Visual Studio 2019 Enterprise 16.11.35325.158 
Microsoft Visual Studio 2019 Professional 16.11.35325.158 
Microsoft Visual Studio 2022 Community 17.11.35327.3 
Microsoft Visual Studio 2022 Enterprise 17.10.35326.205 
Microsoft Visual Studio 2022 Enterprise 17.11.35327.3 
Microsoft Visual Studio 2022 Enterprise 17.6.35326.246 
Microsoft Visual Studio 2022 Enterprise 17.8.35326.199 
Microsoft Visual Studio 2022 Professional 17.10.35326.205 
Microsoft Visual Studio 2022 Professional 17.11.35327.3 
Microsoft Visual Studio 2022 Professional 17.6.35326.246 
Microsoft Visual Studio 2022 Professional 17.8.35326.199 
Microsoft Visual Studio Code 1.94.1 
Microsoft Visual Studio Feedback Client 2017 15.9.35324.217 
Microsoft Visual Studio Team Explorer 2017 15.9.35324.217 
Microsoft Visual Studio Team Explorer 2019 16.11.35325.158 
Microsoft Visual Studio Team Explorer 2022 17.11.35327.3 
Microsoft Windows Desktop Runtime 6.0 6.0.35.34113 
Microsoft Windows Desktop Runtime 8.0 8.0.10.34118 
Mozilla Firefox 131.0 11 
Mozilla Firefox 131.0.2 
Mozilla Firefox 131.0.3 
Mozilla Firefox 132.0 11 
Mozilla Firefox ESR 115 115.16.0 
Mozilla Firefox ESR 115 115.16.1 
Mozilla Firefox ESR 115 115.17.0 
Mozilla Firefox ESR 128 128.3.0 11 
Mozilla Firefox ESR 128 128.3.1 
Mozilla Firefox ESR 128 128.4.0 10 
Mozilla Thunderbird ESR 128 128.3.0 11 
Mozilla Thunderbird ESR 128 128.3.1 
Mozilla Thunderbird ESR 128 128.4.0 10 
NoMachine 8.14.2 
NoMachine Enterprise Client 8.14.2 
NoMachine Enterprise Desktop 8.14.2 
OpenJDK 11 11.0.25.9 
OpenJDK 17 17.0.13.11 
OpenJDK 21 21.0.5.11 
Oracle Java Runtime Environment Version 8 8.0.4310.10 
Oracle Java SE Development Kit 21 21.0.5.0 
Oracle Java SE Development Kit 23 23.0.1.0 
Oracle Java SE Development Kit 8 8.0.4310.10 
Oracle VirtualBox 7 7.0.22 
Oracle VirtualBox 7 7.1.4 
Pale Moon 33.4.0 
Python 3.13 3.13.0 
Red Hat OpenJDK 1.8.4321.6 
Red Hat OpenJDK 11.0.2509.1 
Red Hat OpenJDK 17.00130.11.1 
Red Hat OpenJDK 21.0050.11.1 
Red Hat OpenJDK JRE 11.0.250.1 
Red Hat OpenJDK JRE 17.00130.11.1 
Red Hat OpenJDK JRE 21.0050.11.1 
TeamCity 2024.07.3 
Vivaldi 7.0.3495.10 
Zulu JDK 11 (LTS) 11.76.21 
Zulu JDK 17 (LTS) 17.54.21 
Zulu JDK 17 (LTS) 17.54.21 
Zulu JDK 21 (LTS) 21.38.21 
Zulu JDK 23 (STS) 23.30.13 
Zulu JDK 23 (STS) 23.30.13 
Zulu JDK 8 (LTS) 8.82.0.21 
Zulu JDK 8 (LTS) 8.82.0.21 
Zulu JRE 11 (LTS) 11.76.21 
Zulu JRE 17 (LTS) 17.54.21 
Zulu JRE 17 (LTS) 17.54.21 
Zulu JRE 21 (LTS) 21.38.21 
Zulu JRE 23 (STS) 23.30.13 
Zulu JRE 8 (LTS) 8.82.0.21 

Conclusion

Maintaining the security and performance of your IT environment hinges on timely third-party patching. The October 2024 updates addressed significant vulnerabilities across various applications, underscoring the importance of staying vigilant. By prioritizing these patches, you help safeguard your systems against potential exploits and ensure continued operational stability.

To deepen your understanding of third-party patching and its impact on your security posture, explore our eBook Reduce Your Attack Footprint.

Back to Top