Welcome to the first Patch Tuesday of 2024! We are starting a New Year with 49 new bugs where only 2 are critical. As the article will be really short this time, let’s briefly review these bugs!
CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability
The first one one our list is a Critical bug with a 9.0 CVSS score. An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. This one is not exploited yet, but there is a fair chance that we will see the first attempts soon.
CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability
The second critical vulnerability has a 7.5 CVSS score. Successful exploitation of this one requires an attacker to first gain access to the restricted network before running an attack. It also requires an attacker to win a race condition. If you are based on a Hyper-V environment, watch out and patch.
Summary
Below you can see the most important CVEs released by Microsoft in January 2024. Besides the vulnerabilities already mentioned, you can find bugs in SharePoint, System.Data.SQLClient, .NET, Visual Studio, Azure Storage Mover Agent, or ODBC drivers.
CVE Number | CVE Title | Severity (CVSS score) | Attack Vector | Attack Complexity | Privileges Required | User interaction | Exploit Code Maturity | Applicable for |
---|---|---|---|---|---|---|---|---|
CVE-2024-20674 | Windows Kerberos Security Feature Bypass Vulnerability | Critical (9.0) | Adjacent | Low | Low | None | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2024-20700 | Windows Hyper-V Remote Code Execution Vulnerability | Critical (7.5) | Adjacent | Low | Low | None | Unproven | Windows 10+ Windows Server 2019+ |
CVE-2024-21318 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important (8.8) | Network | Low | None | None | Unproven | SharePoint Server 2019, Microsoft SharePoint Enterprise Server 2016, SharePoint Server Subscription Edition |
CVE-2024-0056 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | Important (8.7) | Network | High | None | None | Unproven | Microsoft Visual Studio 2022 version 17.8- .NET different versions System.Data.SQLClient |
CVE-2024-0057 | .NET and Visual Studio Framework Security Feature Bypass Vulnerability | Important (8.4) | Network | Low | None | None | PoC | Microsoft Visual Studio 2022 version 17.8- .NET different versions |
CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | Important (8.0) | Network | High | High | None | Unproven | Azure Storage Mover Agent |
CVE-2024-20654 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important (8.0) | Network | Low | Low | Required | Unproven | Windows 10+ Windows Server 2008+ |
- Microsoft Patch Tuesday – January 2024 - January 10, 2024
- Microsoft Patch Tuesday – November 2023 - November 15, 2023
- Microsoft Patch Tuesday – October 2023 - October 11, 2023