CrowdStrike Update Causes BSOD Issues Globally – Audit Available 🛡️ Learn more

TRY NOW
Patch Tuesday

Microsoft Patch Tuesday – January 2024

5 min. read
09/01/2024
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

⚡ TL;DR | Go Straight to the January 202Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The January 2024 edition of Patch Tuesday brings us 56 new fixes, with 2 rated as critical. We’ve listed the most important changes below.

Windows Kerberos Security Feature Bypass Vulnerability

We start this Patch Tuesday off with CVE-2024-20674, with a CVSS base score of 9 and Microsoft lists it as being more than likely to be exploited. By abusing the vulnerability, an attacker can bypass authentication.

Microsoft provided additional details regarding the exploitation:

An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server.

Microsoft

The one major condition is that the attacker will need to access the network first before being able to execture and attack.

Windows Hyper-V Remote Code Execution Vulnerability

The second critical vulnerability this month is one in Hyper-V, CVE-2024-20700. Microsoft doesn’t provide a lot of information on this vulnerability but unlike the Kerberos vulnerability this one isn’t listed as being likely to be exploited. Similar to the previous vulneraiblity, an attacker does need access to the network first.

Microsoft SharePoint Server Remote Code Execution Vulnerability

Another vulnerability that is marked as likely to be exploited is CVE-2024-21318. An attacker does need to be have access to the “Site Owner” permission. If successfull, an attacker can inject arbitrary code and execute this code in the context of SharePoint Server.

Run the Patch Tuesday January 2024 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday January 2024 CVE Codes & Titles

CVE NumberCVE Title
CVE-2024-21320Windows Themes Spoofing Vulnerability
CVE-2024-21319Microsoft Identity Denial of service vulnerability
CVE-2024-21318Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-21314Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-21312.NET Framework Denial of Service Vulnerability
CVE-2024-21311Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-21310Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-21309Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-21306Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2024-20692Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-20687Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2024-20686Win32k Elevation of Privilege Vulnerability
CVE-2024-20681Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2024-21316Windows Server Key Distribution Service Security Feature Bypass
CVE-2024-20664Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-20663Windows Message Queuing Client (MSMQC) Information Disclosure
CVE-2024-20662Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
CVE-2024-20661Microsoft Message Queuing Denial of Service Vulnerability
CVE-2024-20660Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-20656Visual Studio Elevation of Privilege Vulnerability
CVE-2024-20655Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
CVE-2024-20653Microsoft Common Log File System Elevation of Privilege Vulnerability
CVE-2024-20652Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2024-0057NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-0056Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
CVE-2024-20672.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2024-21325Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
CVE-2024-21313Windows TCP/IP Information Disclosure Vulnerability
CVE-2024-21307Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-21305Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVE-2024-20700Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-20699Windows Hyper-V Denial of Service Vulnerability
CVE-2024-20698Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-20697Windows Libarchive Remote Code Execution Vulnerability
CVE-2024-20696Windows Libarchive Remote Code Execution Vulnerability
CVE-2022-35737MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow
CVE-2024-20694Windows CoreMessaging Information Disclosure Vulnerability
CVE-2024-20691Windows Themes Information Disclosure Vulnerability
CVE-2024-20690Windows Nearby Sharing Spoofing Vulnerability
CVE-2024-20683Win32k Elevation of Privilege Vulnerability
CVE-2024-20682Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-20680Windows Message Queuing Client (MSMQC) Information Disclosure
CVE-2024-20658Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2024-20657Windows Group Policy Elevation of Privilege Vulnerability
CVE-2024-20654Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-20676Azure Storage Mover Remote Code Execution Vulnerability
CVE-2024-20677Microsoft Office Remote Code Execution Vulnerability
CVE-2024-20674Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-20666BitLocker Security Feature Bypass Vulnerability
CVE-2023-36042Visual Studio Denial of Service Vulnerability
CVE-2023-29349Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVE-2023-32028Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-32027Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-32026Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-32025Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-29356Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.