Microsoft January 2024 Patch Tuesday
Microsoft today surprised with a light patch Tuesday. We only received 48 patches for Microsoft products and four for Chromium, affecting Microsoft Edge. Only two of the 48 patches are rated critical; none had been disclosed or exploited before today. The update also includes an SQLite patch affecting Microsoft products. This issue fixed the "Stranger Strings" vulnerability, patched in 2022 in the open-source version of SQLite.
The critical Kerberos vulnerability is interesting and should be patched quickly. It may allow an attacker with a MitM position to impersonate a Kerberos server and bypass authentication. Kerberos weaknesses have been abused in these scenarios in the past, and obtaining a MitM position is typically not that difficult after the perimeter of a network has been breached.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Core and Visual Studio Denial of Service Vulnerability | |||||||
CVE-2024-20672 | No | No | - | - | Important | 7.5 | 6.7 |
.NET Framework Denial of Service Vulnerability | |||||||
CVE-2024-21312 | No | No | - | - | Important | 7.5 | 6.7 |
Azure Storage Mover Remote Code Execution Vulnerability | |||||||
CVE-2024-20676 | No | No | - | - | Important | 8.0 | 7.0 |
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2024-20666 | No | No | - | - | Important | 6.6 | 5.8 |
Chromium: CVE-2024-0222 Use after free in ANGLE | |||||||
CVE-2024-0222 | No | No | - | - | - | ||
Chromium: CVE-2024-0223 Heap buffer overflow in ANGLE | |||||||
CVE-2024-0223 | No | No | - | - | - | ||
Chromium: CVE-2024-0224 Use after free in WebAudio | |||||||
CVE-2024-0224 | No | No | - | - | - | ||
Chromium: CVE-2024-0225 Use after free in WebGPU | |||||||
CVE-2024-0225 | No | No | - | - | - | ||
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | |||||||
CVE-2024-21305 | No | No | - | - | Important | 4.4 | 3.9 |
MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow | |||||||
CVE-2022-35737 | No | No | - | - | - | ||
Microsoft AllJoyn API Denial of Service Vulnerability | |||||||
CVE-2024-20687 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Bluetooth Driver Spoofing Vulnerability | |||||||
CVE-2024-21306 | No | No | - | - | Important | 5.7 | 5.0 |
Microsoft Common Log File System Elevation of Privilege Vulnerability | |||||||
CVE-2024-20653 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Identity Denial of service vulnerability | |||||||
CVE-2024-21319 | No | No | - | - | Important | 6.8 | 5.9 |
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||||||
CVE-2024-20692 | No | No | - | - | Important | 5.7 | 5.0 |
Microsoft Message Queuing Denial of Service Vulnerability | |||||||
CVE-2024-20661 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||||
CVE-2024-20660 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-20664 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-21314 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2024-20654 | No | No | - | - | Important | 8.0 | 7.0 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2024-20677 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | |||||||
CVE-2024-20655 | No | No | - | - | Important | 6.6 | 5.8 |
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | |||||||
CVE-2024-21325 | No | No | - | - | Important | ||
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2024-21318 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | |||||||
CVE-2024-20658 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | |||||||
CVE-2024-0056 | No | No | - | - | Important | 8.7 | 7.6 |
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | |||||||
CVE-2024-0057 | No | No | - | - | Important | 9.1 | 8.2 |
Remote Desktop Client Remote Code Execution Vulnerability | |||||||
CVE-2024-21307 | No | No | - | - | Important | 7.5 | 6.5 |
Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2024-20656 | No | No | - | - | Important | 7.8 | 6.8 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2024-20683 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2024-20686 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-21310 | No | No | - | - | Important | 7.8 | 6.8 |
Windows CoreMessaging Information Disclosure Vulnerability | |||||||
CVE-2024-20694 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Cryptographic Services Information Disclosure Vulnerability | |||||||
CVE-2024-21311 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Cryptographic Services Remote Code Execution Vulnerability | |||||||
CVE-2024-20682 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Group Policy Elevation of Privilege Vulnerability | |||||||
CVE-2024-20657 | No | No | - | - | Important | 7.0 | 6.1 |
Windows HTML Platforms Security Feature Bypass Vulnerability | |||||||
CVE-2024-20652 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2024-20699 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2024-20700 | No | No | - | - | Critical | 7.5 | 6.5 |
Windows Kerberos Security Feature Bypass Vulnerability | |||||||
CVE-2024-20674 | No | No | - | - | Critical | 9.0 | 7.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2024-20698 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||||
CVE-2024-21309 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Libarchive Remote Code Execution Vulnerability | |||||||
CVE-2024-20696 | No | No | - | - | Important | 7.3 | 6.4 |
CVE-2024-20697 | No | No | - | - | Important | 7.3 | 6.4 |
Windows Message Queuing Client (MSMQC) Information Disclosure | |||||||
CVE-2024-20680 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2024-20663 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Nearby Sharing Spoofing Vulnerability | |||||||
CVE-2024-20690 | No | No | - | - | Important | 6.5 | 5.9 |
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | |||||||
CVE-2024-20662 | No | No | - | - | Important | 4.9 | 4.3 |
Windows Server Key Distribution Service Security Feature Bypass | |||||||
CVE-2024-21316 | No | No | - | - | Important | 6.1 | 5.3 |
Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||||
CVE-2024-20681 | No | No | - | - | Important | 7.8 | 6.8 |
Windows TCP/IP Information Disclosure Vulnerability | |||||||
CVE-2024-21313 | No | No | - | - | Important | 5.3 | 4.6 |
Windows Themes Information Disclosure Vulnerability | |||||||
CVE-2024-20691 | No | No | - | - | Important | 4.7 | 4.1 |
Windows Themes Spoofing Vulnerability | |||||||
CVE-2024-21320 | No | No | - | - | Important | 6.5 | 5.7 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments