October 2024 Patch Tuesday: Two Zero-Days and Three Critical Vulnerabilities Amid 118 CVEs

This advisory summarizes Microsoft patches for multiple vulnerabilities: two actively exploited zero-days (Microsoft Management Console CVE-2024-43572 and MSHTML CVE-2024-43573) and several critical RCE flaws affecting Configuration Manager (CVE-2024-43468), a Visual Studio Code Arduino extension (CVE-2024-43488), and Remote Desktop Protocol Server (CVE-2024-43582). With CVSS scores up to 9.8 and one RDP bug flagged as potentially wormable, the report urges immediate application of updates and mitigations via Microsoft's fixes and CrowdStrike Falcon tooling.