Latest Cyber Security News

You are here: Home / General Cyber Security News / Microsoft’s January 2024 Windows Update Patches 48 New Vulnerabilities
January 10, 2024

Microsoft has resolved a whole of 48 security flaws spanning its application as element of its Patch Tuesday updates for January 2024.

Of the 48 bugs, two are rated Critical and 46 are rated Significant in severity. There is no evidence that any of the issues are publicly acknowledged or less than energetic attack at the time of release, generating it the 2nd consecutive Patch Tuesday with no zero-times.

The fixes are in addition to nine security vulnerabilities that have been resolved in the Chromium-based mostly Edge browser considering that the launch of December 2023 Patch Tuesday updates. This also involves a resolve for a zero-day (CVE-2023-7024, CVSS score: 8.8) that Google explained has been actively exploited in the wild.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The most critical among flaws patched this month are as follows –

  • CVE-2024-20674 (CVSS score: 9.) – Windows Kerberos Security Feature Bypass Vulnerability
  • CVE-2024-20700 (CVSS rating: 7.5) – Windows Hyper-V Distant Code Execution Vulnerability

“The authentication characteristic could be bypassed as this vulnerability makes it possible for impersonation,” Microsoft claimed in an advisory for CVE-2024-20674.

Cybersecurity

“An authenticated attacker could exploit this vulnerability by developing a machine-in-the-center (MitM) attack or other area network spoofing system, then sending a malicious Kerberos concept to the client victim machine to spoof alone as the Kerberos authentication server.”

Even so, the enterprise mentioned that successful exploitation involves an attacker to obtain obtain to the restricted network first. Security researcher ldwilmore34 has been credited with finding and reporting the flaw.

CVE-2024-20700, on the other hand, neither necessitates authentication nor user interaction to achieve remote code execution, while winning a race problem is a prerequisite to staging an attack.

“It isn’t crystal clear just where by the attacker will have to be situated — the LAN on which the hypervisor resides, or a digital network made and managed by the hypervisor — or in what context the remote code execution would manifest,” Adam Barnett, direct software package engineer at Swift7, explained to The Hacker News.

Other noteworthy flaws incorporate CVE-2024-20653 (CVSS rating: 7.8), a privilege escalation flaw impacting the Popular Log File Process (CLFS) driver, and CVE-2024-0056 (CVSS score: 8.7), a security bypass influencing Method.Info.SqlClient and Microsoft.Information.SqlClient.

“An attacker who correctly exploited this vulnerability could carry out a device-in-the-middle (MitM) attack and could decrypt and read or modify TLS targeted traffic amongst the client and server,” Redmond claimed.

Microsoft further observed that it is really disabling the capacity to insert FBX information in Term, Excel, PowerPoint, and Outlook in Windows by default due to a security flaw (CVE-2024-20677, CVSS rating: 7.8) that could guide to remote code execution.

Cybersecurity

“3D designs in Office environment paperwork that had been earlier inserted from an FBX file will continue on to function as envisioned except the ‘Link to File’ choice was preferred at the insert time,” Microsoft stated in a individual inform. “GLB (Binary GL Transmission Structure) is the suggested substitute 3D file format for use in Business.”

It truly is value noting that Microsoft took a very similar action of disabling the SketchUp (SKP) file structure in Business pursuing ZScaler’s discovery of 117 security flaws in Microsoft 365 purposes.

Software Patches from Other Sellers

In addition to Microsoft, security updates have also been released by other distributors about the previous few weeks to rectify many vulnerabilities, including –

  • Adobe
  • AMD
  • Android
  • Arm
  • ASUS
  • Bosch
  • Cisco
  • Dell
  • F5
  • Fortinet
  • Google Chrome
  • Google Cloud
  • HP
  • IBM
  • Intel
  • Lenovo
  • Linux distributions Debian, Oracle Linux, Purple Hat, SUSE, and Ubuntu
  • MediaTek
  • NETGEAR
  • Qualcomm
  • Samsung
  • SAP
  • Schneider Electrical
  • Siemens
  • Splunk
  • Synology
  • Trend Micro
  • Zimbra, and
  • Zoom

Discovered this report appealing? Comply with us on Twitter  and LinkedIn to go through additional exclusive articles we post.


Some pieces of this write-up are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *