ISC Stormcast For Wednesday, January 10th, 2024 https://isc.sans.edu/podcastdetail/8804

Microsoft January 2024 Patch Tuesday

Published: 2024-01-10. Last Updated: 2024-01-10 00:38:10 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Microsoft today surprised with a light patch Tuesday. We only received 48 patches for Microsoft products and four for Chromium, affecting Microsoft Edge. Only two of the 48 patches are rated critical; none had been disclosed or exploited before today. The update also includes an SQLite patch affecting Microsoft products. This issue fixed the "Stranger Strings" vulnerability, patched in 2022 in the open-source version of SQLite. 

The critical Kerberos vulnerability is interesting and should be patched quickly. It may allow an attacker with a MitM position to impersonate a Kerberos server and bypass authentication. Kerberos weaknesses have been abused in these scenarios in the past, and obtaining a MitM position is typically not that difficult after the perimeter of a network has been breached.

 

 

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2024-20672 No No - - Important 7.5 6.7
.NET Framework Denial of Service Vulnerability
CVE-2024-21312 No No - - Important 7.5 6.7
Azure Storage Mover Remote Code Execution Vulnerability
CVE-2024-20676 No No - - Important 8.0 7.0
BitLocker Security Feature Bypass Vulnerability
CVE-2024-20666 No No - - Important 6.6 5.8
Chromium: CVE-2024-0222 Use after free in ANGLE
CVE-2024-0222 No No - - -    
Chromium: CVE-2024-0223 Heap buffer overflow in ANGLE
CVE-2024-0223 No No - - -    
Chromium: CVE-2024-0224 Use after free in WebAudio
CVE-2024-0224 No No - - -    
Chromium: CVE-2024-0225 Use after free in WebGPU
CVE-2024-0225 No No - - -    
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVE-2024-21305 No No - - Important 4.4 3.9
MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow
CVE-2022-35737 No No - - -    
Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2024-20687 No No - - Important 7.5 6.5
Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2024-21306 No No - - Important 5.7 5.0
Microsoft Common Log File System Elevation of Privilege Vulnerability
CVE-2024-20653 No No - - Important 7.8 6.8
Microsoft Identity Denial of service vulnerability
CVE-2024-21319 No No - - Important 6.8 5.9
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-20692 No No - - Important 5.7 5.0
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2024-20661 No No - - Important 7.5 6.5
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-20660 No No - - Important 6.5 5.7
CVE-2024-20664 No No - - Important 6.5 5.7
CVE-2024-21314 No No - - Important 6.5 5.7
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-20654 No No - - Important 8.0 7.0
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-20677 No No - - Important 7.8 6.8
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
CVE-2024-20655 No No - - Important 6.6 5.8
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
CVE-2024-21325 No No - - Important    
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-21318 No No - - Important 8.8 7.7
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2024-20658 No No - - Important 7.8 6.8
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
CVE-2024-0056 No No - - Important 8.7 7.6
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-0057 No No - - Important 9.1 8.2
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-21307 No No - - Important 7.5 6.5
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-20656 No No - - Important 7.8 6.8
Win32k Elevation of Privilege Vulnerability
CVE-2024-20683 No No - - Important 7.8 6.8
CVE-2024-20686 No No - - Important 7.8 6.8
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-21310 No No - - Important 7.8 6.8
Windows CoreMessaging Information Disclosure Vulnerability
CVE-2024-20694 No No - - Important 5.5 4.8
Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-21311 No No - - Important 5.5 4.8
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-20682 No No - - Important 7.8 6.8
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2024-20657 No No - - Important 7.0 6.1
Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2024-20652 No No - - Important 7.5 6.5
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-20699 No No - - Important 5.5 4.8
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-20700 No No - - Critical 7.5 6.5
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-20674 No No - - Critical 9.0 7.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-20698 No No - - Important 7.8 6.8
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-21309 No No - - Important 7.8 6.8
Windows Libarchive Remote Code Execution Vulnerability
CVE-2024-20696 No No - - Important 7.3 6.4
CVE-2024-20697 No No - - Important 7.3 6.4
Windows Message Queuing Client (MSMQC) Information Disclosure
CVE-2024-20680 No No - - Important 6.5 5.7
CVE-2024-20663 No No - - Important 6.5 5.7
Windows Nearby Sharing Spoofing Vulnerability
CVE-2024-20690 No No - - Important 6.5 5.9
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
CVE-2024-20662 No No - - Important 4.9 4.3
Windows Server Key Distribution Service Security Feature Bypass
CVE-2024-21316 No No - - Important 6.1 5.3
Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2024-20681 No No - - Important 7.8 6.8
Windows TCP/IP Information Disclosure Vulnerability
CVE-2024-21313 No No - - Important 5.3 4.6
Windows Themes Information Disclosure Vulnerability
CVE-2024-20691 No No - - Important 4.7 4.1
Windows Themes Spoofing Vulnerability
CVE-2024-21320 No No - - Important 6.5 5.7

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Keywords:
0 comment(s)

Comments


Diary Archives