Patch Tuesday: 2 critical CVEs, no zero-day vulnerability
Microsoft released its first batch of Patch Tuesday fixes for 2024, addressing fewer security flaws than in the previous year. This January 2024 Patch Tuesday addresses 48 CVEs, including two critical-severity and 46 important-severity vulnerabilities. Additionally, Microsoft has republished information on 5 non-Microsoft CVEs, which include vulnerabilities in Microsoft Edge (Chromium-based) and an SQLite vulnerability. None of the vulnerabilities mentioned are known to have been exploited in the wild.
Let’s take a closer look at the most interesting updates for this month.
Notable Critical Microsoft Vulnerabilities
⭕ Critical | Windows Kerberos Security Feature Bypass Vulnerability
- CVE-2024-20674 affects Kerberos, the network authentication protocol that serves as the default authentication protocol on Windows. Kerberos authenticates users and computers on a Windows network and enables single sign-on access control. An attacker can exploit this vulnerability by conducting a machine-in-the-middle (MITM) attack and then sending a malicious Kerberos message to the victim client machine. This could bypass authentication and allow the attacker to impersonate the Kerberos authentication server.
⭕ Critical | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-20700 affects Hyper-V, which is responsible for hardware virtualization. To initiate an attack, an attacker must first gain access to a restricted network, specifically the same subnet as the hypervisor. Successful exploitation of the vulnerability requires the attacker to win a race condition. If successful, code execution can occur within a SYSTEM context on the Hyper-V host.
Runecast protects you against all of these vulnerabilities
Runecast covers 39 vulnerabilities that specifically affect Windows operating systems, all mentioned below:
Microsoft Bluetooth Driver Spoofing Vulnerability
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Microsoft AllJoyn API Denial of Service Vulnerability
Windows Kerberos Security Feature Bypass Vulnerability
BitLocker Security Feature Bypass Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows CoreMessaging Information Disclosure Vulnerability
Microsoft Common Log File System Elevation of Privilege Vulnerability
Windows Cryptographic Services Remote Code Execution Vulnerability
Windows Cryptographic Services Information Disclosure Vulnerability
Windows Group Policy Elevation of Privilege Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Windows Libarchive Remote Code Execution Vulnerability
Windows Libarchive Remote Code Execution Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
Windows Message Queuing Client (MSMQC) Information Disclosure
Windows Message Queuing Client (MSMQC) Information Disclosure
Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Denial of Service Vulnerability
Windows Nearby Sharing Spoofing Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
Windows HTML Platforms Security Feature Bypass Vulnerability
Windows Server Key Distribution Service Security Feature Bypass
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Windows TCP/IP Information Disclosure Vulnerability
Windows Themes Information Disclosure Vulnerability
Windows Themes Spoofing Vulnerability (CVE-2024-21320)
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability