Microsoft's January 2024 Patch Tuesday Addresses 49 Vulnerabilities, Including 12 Critical RCE Bugs

January 11, 2024
Microsoft's January 2024 Patch Tuesday Addresses 49 Vulnerabilities, Including 12 Critical RCE Bugs

The first Patch Tuesday update by Microsoft highlights a comprehensive set of security updates that have been rolled out, addressing a total of 49 vulnerabilities, including 12 remote code execution (RCE) vulnerabilities. Among these, two were identified as critical—a Windows Kerberos Security Feature Bypass and a Hyper-V RCE.

The breakdown of vulnerabilities by category is as follows:

10 Elevation of Privilege Vulnerabilities

7 Security Feature Bypass Vulnerabilities

12 Remote Code Execution Vulnerabilities

11 Information Disclosure Vulnerabilities

6 Denial of Service Vulnerabilities

3 Spoofing Vulnerabilities

It's important to note that the total count of 49 flaws excludes the 4 Microsoft Edge vulnerabilities addressed on January 5th.

Noteworthy Vulnerabilities of the Month

Although no actively exploited or publicly disclosed vulnerabilities were identified this month, some flaws stand out due to their significance.

Among the issues addressed by Microsoft is a Remote Code Execution Vulnerability in Office, identified as CVE-2024-20677. This flaw enables threat actors to create maliciously crafted Office documents containing embedded FBX 3D model files, thereby facilitating remote code execution.

Microsoft's security bulletin highlights the response to this vulnerability: "A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint, and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. 3D models in Office documents that were previously inserted from an FBX file will continue to work as expected unless the Link to File option was chosen at insert time."

Additionally, a critical Windows Kerberos bug, tracked asCVE-2024-20674, has been addressed. This vulnerability could allow an attacker o bypass the authentication feature. According to a support bulletin, "An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server."

Security Updates for Patch Tuesday, January 2024

For detailed information on each vulnerability, along within sights into the affected systems, please refer to the complete report available here.

All Posts

Let's talk

We’re here to help! Submit your information or call the office on +44 (0)1243 670 854 and a member of our team would be happy to help.

Who are Cybaverse?
How can we support your business?
Why work with us?