First Microsoft Patch Tuesday of the year: what are the critical vulnerabilities

Microsoft surprises with an unusually "light" Patch Tuesday. In distributing the new security updates for Windows and its other software products, the Redmond company has in fact released only 48 patches. None of the vulnerabilities fixed today was previously known or, worse, already used to conduct any type of attack.

This goes against the trend observed throughout 2023: for many of the security flaws that came to light last year, exploit code was unfortunately already in circulation and in use by individual attackers or groups of cyber criminals. In November 2023 Microsoft "celebrated" the first 20 years of Patch Tuesday, with its lights and shadows.

The most critical security updates of January 2024

Looking at the list of security vulnerabilities fixed in January 2024, one of the most critical is certainly the one identified as CVE-2024-20674. It affects the Windows Kerberos authentication protocol. Without the patch, an attacker can launch a man-in-the-middle attack and exploit the vulnerability to bypass the authentication process.

The second most critical vulnerability this month is CVE-2024-20700: in this case, the attacker can execute code remotely once he has managed to exploit a race condition in Hyper-V. A race condition is a situation that occurs when the safe behavior of a system depends on the timing or order of a series of events. If an attacker manages to exploit this mechanism, anomalies can arise, including the execution of arbitrary code.

CVE-2024-21307, by contrast, is a vulnerability that can be triggered when an authenticated user connects to a malicious Remote Desktop server. This could lead to remote code execution on the victim's computer.

The flaw CVE-2024-21318 is relatively simpler to exploit and affects SharePoint Server installations. In this case, the attacker can cause potentially malicious code to be injected and executed remotely.

Although Microsoft does not disclose specific technical details about the vulnerability in question, among this month's patches the one for CVE-2024-20698, which concerns the Windows kernel, is notable. By exploiting it, an attacker acting from a local machine on which he has only minimal access rights can obtain system privileges.