Microsoft Patch Tuesday – January 2024

Welcome to the first Patch Tuesday of 2024! We are starting the new year with 49 new bugs, of which only 2 are critical. As the article will be really short this time, let’s briefly review these bugs!

CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability

The first one on our list is a Critical bug with a 9.0 CVSS score. An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. This one has not been exploited yet, but there is a fair chance that we will see the first attempts soon.

CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability

The second critical vulnerability has a 7.5 CVSS score. Successful exploitation requires an attacker to first gain access to the restricted network before running an attack, and also to win a race condition. If you run a Hyper-V environment, watch out and patch.

Summary

Below you can see the most important CVEs released by Microsoft in January 2024. Besides the vulnerabilities already mentioned, you can find bugs in SharePoint, System.Data.SqlClient, .NET, Visual Studio, Azure Storage Mover Agent, and ODBC drivers.

| CVE Number | CVE Title | Severity (CVSS score) | Attack Vector | Attack Complexity | Privileges Required | User Interaction | Exploit Code Maturity | Applicable for |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2024-20674 | Windows Kerberos Security Feature Bypass Vulnerability | Critical (9.0) | Adjacent | Low | Low | None | Unproven | Windows 10+, Windows Server 2008+ |
| CVE-2024-20700 | Windows Hyper-V Remote Code Execution Vulnerability | Critical (7.5) | Adjacent | Low | Low | None | Unproven | Windows 10+, Windows Server 2019+ |
| CVE-2024-21318 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important (8.8) | Network | Low | None | None | Unproven | SharePoint Server 2019, Microsoft SharePoint Enterprise Server 2016, SharePoint Server Subscription Edition |
| CVE-2024-0056 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | Important (8.7) | Network | High | None | None | Unproven | Microsoft Visual Studio 2022 version 17.8-, .NET different versions, System.Data.SQLClient |
| CVE-2024-0057 | .NET and Visual Studio Framework Security Feature Bypass Vulnerability | Important (8.4) | Network | Low | None | None | PoC | Microsoft Visual Studio 2022 version 17.8-, .NET different versions |
| CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | Important (8.0) | Network | High | High | None | Unproven | Azure Storage Mover Agent |
| CVE-2024-20654 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important (8.0) | Network | Low | Low | Required | Unproven | Windows 10+, Windows Server 2008+ |
