The CVE has a CVSS 7.8 rating. The attacker needs local access or user interaction, such as tricking the user into opening a malicious document, to exploit the vulnerability. If successful, the attacker could get system-level privileges and gain full control of the device.
A critical remote-code execution vulnerability (CVE-2024-49112) in the Windows Lightweight Directory Access Protocol (LDAP) has this month's highest CVSS score of 9.8 and affects Windows Server and desktop systems.
LDAP is the protocol Active Directory uses to perform several functions, including user authentication and authorization. The attacker needs network access to attempt an exploit by sending a specially crafted LDAP request to a vulnerable system. If successful, they can access sensitive information, modify protected files or crash the system.
"Ensure that domain controllers are configured either to not access the internet or to not allow inbound [Remote Procedure Calls] from untrusted networks. While either mitigation will protect your system from this vulnerability, applying both configurations provides an effective defense-in-depth against this vulnerability," Microsoft wrote in the CVE notes.
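Microsoft's second mitigation above is a network-exposure question, so a defender will want to know what a domain controller's host firewall currently lets in. The following audit is an added example, not code from the article or from Microsoft; it assumes the built-in NetSecurity cmdlets (Windows Server 2012 and later) and the firewall's own `RPC-EPMap` and `RPC` port keywords. It reads rules only and changes nothing.

```powershell
# Added example: list enabled inbound Allow rules on this domain controller that expose
# the RPC endpoint mapper (TCP 135, or the RPC-EPMap/RPC keywords) to any remote address
# on a profile that may face an untrusted network. Run in an elevated PowerShell session.
# Assumption: NetSecurity module present; LocalPort values 'RPC-EPMap' and 'RPC' are the
# firewall's own keywords for the endpoint mapper and dynamic RPC ports.

$rpcPorts = @('135', 'RPC-EPMap', 'RPC')

$findings = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $rule = $_
        $port = $rule | Get-NetFirewallPortFilter
        $addr = $rule | Get-NetFirewallAddressFilter

        # Normalise LocalPort (it may be a single string or an array of strings).
        $localPorts = @($port.LocalPort)
        $exposesRpc = ($port.Protocol -eq 'TCP') -and
                      (($localPorts | Where-Object { $rpcPorts -contains $_ }).Count -gt 0)

        if ($exposesRpc) {
            [pscustomobject]@{
                Rule          = $rule.DisplayName
                Profile       = "$($rule.Profile)"          # e.g. 'Domain, Public' or 'Any'
                LocalPort     = ($localPorts -join ',')
                RemoteAddress = (@($addr.RemoteAddress) -join ',')
            }
        }
    } |
    # 'Any' remote address on a Public (or all-profile) rule is the exposure Microsoft's
    # guidance is aimed at; Domain-only rules scoped to known subnets are not flagged.
    Where-Object { $_.RemoteAddress -eq 'Any' -and $_.Profile -match 'Public|Any' }

if ($findings) {
    Write-Warning 'Inbound RPC reachable from any remote address on an untrusted profile:'
    $findings | Format-Table -AutoSize
} else {
    Write-Output 'No enabled inbound Allow rule exposes RPC to Any on the Public profile.'
}
```

The script answers only the host-firewall half of the question; whether the domain controller can reach the internet, and whether perimeter devices already filter RPC from untrusted networks, has to be checked on the network side. A rule that appears in the output is a candidate for scoping its remote addresses to trusted subnets, but because Active Directory itself depends on RPC, any change should be made with the domain's replication and client-logon paths in mind rather than by blanket-blocking the port.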
A System Center Operations Manager (SCOM) elevation-of-privilege vulnerability (CVE-2024-43594) is rated important with a CVSS 7.3 score for SCOM 2019, 2022 and 2025 systems.
Microsoft rates the chances of exploitation as "less likely" because of the complex requirements for a successful exploit, such as placing a malicious file in the target environment and needing user interaction. After a successful exploit, the attacker could take over the system to access sensitive information, change settings and launch more attacks.
CVE-2024-49063 is a remote-code execution vulnerability rated important in Muzic, a music-related AI research project on GitHub. Muzic uses deep learning and AI for music analysis and generation. If an attacker exploits the vulnerability, they can run malicious code on the system.
"Your development team has to remediate by taking the latest version from the project and updating the environment," said Goettl.
He said this vulnerability shows why enterprises must understand how AI and machine learning projects expand the organization's attack surface. As these technologies grow more pervasive, IT and security teams need to stay ahead of the curve and watch for vulnerabilities in third-party and research initiatives that may introduce security risks to their organizations.
Goettl said that in the coming year security researchers will increasingly use AI, which could create a perfect storm: a more frenetic disclosure rate that outstrips vendors' ability to produce patches quickly, in turn drawing unwanted attention from threat actors. As a result, organizations will need to find ways to deploy patches as soon as they are available.
"Both sides will find new exploits faster, so you can expect the zero-day count is going to increase and the urgency on zero-day response is likewise going to increase," he said.