Jump to content
  • Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs


    Karlston

    • 867 views
    • 6 minutes
     Share


    • 867 views
    • 6 minutes

    Today is Microsoft's January 2024 Patch Tuesday, which includes security updates for a total of 49 flaws and 12 remote code execution vulnerabilities.

     

    Only two vulnerabilities were classified as critical, with one being a Windows Kerberos Security Feature Bypass and the other a Hyper-V RCE. 

     

    The number of bugs in each vulnerability category is listed below:

     

    • 10 Elevation of Privilege Vulnerabilities
    • 7 Security Feature Bypass Vulnerabilities
    • 12 Remote Code Execution Vulnerabilities
    • 11 Information Disclosure Vulnerabilities
    • 6 Denial of Service Vulnerabilities
    • 3 Spoofing Vulnerabilities 

     

    The total count of 49 flaws does not include 4 Microsoft Edge flaws fixed on January 5th.

     

    To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5034123 cumulative update and Windows 10 KB5034122 update.

    This month's interesting flaws

    While there were no actively exploited or publicly disclosed vulnerabilities this month, some flaws are more interesting than others.

     

    Microsoft fixes an Office Remote Code Execution Vulnerability tracked as CVE-2024-20677 that allows threat actors to create maliciously crafted Office documents with embedded FBX 3D model files to perform remote code execution.

     

    "A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac," explains Microsoft security bulletin.

     

    "Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365."

     

    "3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time."

     

    A critical Windows Kerberos bug tracked as CVE-2024-20674 was also fixed today, allowing an attacker to bypass the authentication feature.

     

    "An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server," reads a support bulletin.

    Recent updates from other companies

    Other vendors who released updates or advisories in January 2023 include:

     

    The January 2024 Patch Tuesday Security Updates

    Below is the complete list of resolved vulnerabilities in the January 2023 Patch Tuesday updates.

     

    To access the full description of each vulnerability and the systems it affects, you can view the full report here.

     

    Tag CVE ID CVE Title Severity
    .NET and Visual Studio CVE-2024-0057 NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability Important
    .NET Core & Visual Studio CVE-2024-20672 .NET Core and Visual Studio Denial of Service Vulnerability Important
    .NET Framework CVE-2024-21312 .NET Framework Denial of Service Vulnerability Important
    Azure Storage Mover CVE-2024-20676 Azure Storage Mover Remote Code Execution Vulnerability Important
    Microsoft Bluetooth Driver CVE-2024-21306 Microsoft Bluetooth Driver Spoofing Vulnerability Important
    Microsoft Devices CVE-2024-21325 Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability Important
    Microsoft Edge (Chromium-based) CVE-2024-0222 Chromium: CVE-2024-0222 Use after free in ANGLE Unknown
    Microsoft Edge (Chromium-based) CVE-2024-0223 Chromium: CVE-2024-0223 Heap buffer overflow in ANGLE Unknown
    Microsoft Edge (Chromium-based) CVE-2024-0224 Chromium: CVE-2024-0224 Use after free in WebAudio Unknown
    Microsoft Edge (Chromium-based) CVE-2024-0225 Chromium: CVE-2024-0225 Use after free in WebGPU Unknown
    Microsoft Identity Services CVE-2024-21319 Microsoft Identity Denial of service vulnerability Important
    Microsoft Office CVE-2024-20677 Microsoft Office Remote Code Execution Vulnerability Important
    Microsoft Office SharePoint CVE-2024-21318 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
    Microsoft Virtual Hard Drive CVE-2024-20658 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Important
    Remote Desktop Client CVE-2024-21307 Remote Desktop Client Remote Code Execution Vulnerability Important
    SQL Server CVE-2024-0056 Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability Important
    SQLite CVE-2022-35737 MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow Important
    Unified Extensible Firmware Interface CVE-2024-21305 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Important
    Visual Studio CVE-2024-20656 Visual Studio Elevation of Privilege Vulnerability Important
    Windows AllJoyn API CVE-2024-20687 Microsoft AllJoyn API Denial of Service Vulnerability Important
    Windows Authentication Methods CVE-2024-20674 Windows Kerberos Security Feature Bypass Vulnerability Critical
    Windows BitLocker CVE-2024-20666 BitLocker Security Feature Bypass Vulnerability Important
    Windows Cloud Files Mini Filter Driver CVE-2024-21310 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important
    Windows Collaborative Translation Framework CVE-2024-20694 Windows CoreMessaging Information Disclosure Vulnerability Important
    Windows Common Log File System Driver CVE-2024-20653 Microsoft Common Log File System Elevation of Privilege Vulnerability Important
    Windows Cryptographic Services CVE-2024-20682 Windows Cryptographic Services Remote Code Execution Vulnerability Important
    Windows Cryptographic Services CVE-2024-21311 Windows Cryptographic Services Information Disclosure Vulnerability Important
    Windows Group Policy CVE-2024-20657 Windows Group Policy Elevation of Privilege Vulnerability Important
    Windows Hyper-V CVE-2024-20699 Windows Hyper-V Denial of Service Vulnerability Important
    Windows Hyper-V CVE-2024-20700 Windows Hyper-V Remote Code Execution Vulnerability Critical
    Windows Kernel CVE-2024-20698 Windows Kernel Elevation of Privilege Vulnerability Important
    Windows Kernel-Mode Drivers CVE-2024-21309 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important
    Windows Libarchive CVE-2024-20697 Windows Libarchive Remote Code Execution Vulnerability Important
    Windows Libarchive CVE-2024-20696 Windows Libarchive Remote Code Execution Vulnerability Important
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-20692 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Important
    Windows Message Queuing CVE-2024-20660 Microsoft Message Queuing Information Disclosure Vulnerability Important
    Windows Message Queuing CVE-2024-20664 Microsoft Message Queuing Information Disclosure Vulnerability Important
    Windows Message Queuing CVE-2024-20680 Windows Message Queuing Client (MSMQC) Information Disclosure Important
    Windows Message Queuing CVE-2024-20663 Windows Message Queuing Client (MSMQC) Information Disclosure Important
    Windows Message Queuing CVE-2024-21314 Microsoft Message Queuing Information Disclosure Vulnerability Important
    Windows Message Queuing CVE-2024-20661 Microsoft Message Queuing Denial of Service Vulnerability Important
    Windows Nearby Sharing CVE-2024-20690 Windows Nearby Sharing Spoofing Vulnerability Important
    Windows ODBC Driver CVE-2024-20654 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20662 Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability Important
    Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20655 Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability Important
    Windows Scripting CVE-2024-20652 Windows HTML Platforms Security Feature Bypass Vulnerability Important
    Windows Server Key Distribution Service CVE-2024-21316 Windows Server Key Distribution Service Security Feature Bypass Important
    Windows Subsystem for Linux CVE-2024-20681 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
    Windows TCP/IP CVE-2024-21313 Windows TCP/IP Information Disclosure Vulnerability Important
    Windows Themes CVE-2024-20691 Windows Themes Information Disclosure Vulnerability Important
    Windows Themes CVE-2024-21320 Windows Themes Spoofing Vulnerability Important
    Windows Win32 Kernel Subsystem CVE-2024-20686 Win32k Elevation of Privilege Vulnerability Important
    Windows Win32K CVE-2024-20683 Win32k Elevation of Privilege Vulnerability Important

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...