Microsoft’s January 2024 Patch Tuesday Addresses 49 Security Vulnerabilities, Including 12 RCE Bugs
January 9, 2024
Microsoft's January 2024 Patch Tuesday has been released, featuring security updates for 49 vulnerabilities, including 12 remote code execution (RCE) flaws. Only two of the vulnerabilities were classified as critical, one being a Windows Kerberos Security Feature Bypass and the other a Hyper-V RCE.
The total of 49 flaws does not include 4 Microsoft Edge flaws that were fixed earlier, on January 5th. Details of the non-security changes released the same day are covered in articles dedicated to the new Windows 11 KB5034123 cumulative update.
While there were no vulnerabilities that were actively exploited or publicly disclosed this month, some flaws are more noteworthy than others. Microsoft has rectified an Office Remote Code Execution Vulnerability, tracked as CVE-2024-20677. This flaw enabled threat actors to generate malicious Office documents with embedded FBX 3D model files to execute remote code.
Microsoft's security bulletin explains, "A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac." It further adds, "Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365."
An important Windows Kerberos bug, tracked as CVE-2024-20674, was also addressed in this update. This bug could allow an attacker to bypass the Kerberos authentication feature. A support bulletin reads, "An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server."
Other vendors who released updates or advisories in January 2024 have also been listed. A comprehensive list of resolved vulnerabilities in the January 2024 Patch Tuesday updates is available, providing a full description of each vulnerability and the systems it affects.