Patch Tuesday Update – January 2024
Frontline.Cloud will include the Microsoft Patch Tuesday checks in the NIRV 4.34.0 and Frontline Agent 2.3 releases.
- Microsoft addressed 49 vulnerabilities in this release, including 2 rated as Critical and 12 Remote Code Execution vulnerabilities.
CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
CVE-2024-20666 | BitLocker Security Feature Bypass Vulnerability | Windows BitLocker | Important | 6.6 | Security Feature Bypass | No | No |
CVE-2024-20674 | Windows Kerberos Security Feature Bypass Vulnerability | Windows Authentication Methods | Critical | 9 | Security Feature Bypass | No | No |
CVE-2024-20677 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | Azure Storage Mover | Important | 8 | Remote Code Execution | No | No |
CVE-2024-20654 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8 | Remote Code Execution | No | No |
CVE-2024-20657 | Windows Group Policy Elevation of Privilege Vulnerability | Windows Group Policy | Important | 7 | Elevation of Privilege | No | No |
CVE-2024-20658 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Microsoft Virtual Hard Drive | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20680 | Windows Message Queuing Client (MSMQC) Information Disclosure | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-20682 | Windows Cryptographic Services Remote Code Execution Vulnerability | Windows Cryptographic Services | Important | 7.8 | Remote Code Execution | No | No |
CVE-2024-20683 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20690 | Windows Nearby Sharing Spoofing Vulnerability | Windows Nearby Sharing | Important | 6.5 | Spoofing | No | No |
CVE-2024-20691 | Windows Themes Information Disclosure Vulnerability | Windows Themes | Important | 4.7 | Information Disclosure | No | No |
CVE-2024-20694 | Windows CoreMessaging Information Disclosure Vulnerability | Windows Collaborative Translation Framework | Important | 5.5 | Information Disclosure | No | No |
CVE-2022-35737 | MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow | SQLite | Important | N/A | Remote Code Execution | No | No |
CVE-2024-20696 | Windows Libarchive Remote Code Execution Vulnerability | Windows Libarchive | Important | 7.3 | Remote Code Execution | No | No |
CVE-2024-20697 | Windows Libarchive Remote Code Execution Vulnerability | Windows Libarchive | Important | 7.3 | Remote Code Execution | No | No |
CVE-2024-20698 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20699 | Windows Hyper-V Denial of Service Vulnerability | Windows Hyper-V | Important | 5.5 | Denial of Service | No | No |
CVE-2024-20700 | Windows Hyper-V Remote Code Execution Vulnerability | Windows Hyper-V | Critical | 7.5 | Remote Code Execution | No | No |
CVE-2024-21305 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | Unified Extensible Firmware Interface | Important | 4.4 | Security Feature Bypass | No | No |
CVE-2024-21307 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Desktop Client | Important | 7.5 | Remote Code Execution | No | No |
CVE-2024-21313 | Windows TCP/IP Information Disclosure Vulnerability | Windows TCP/IP | Important | 5.3 | Information Disclosure | No | No |
CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | Microsoft Devices | Important | N/A | Remote Code Execution | No | No |
CVE-2024-20672 | .NET Core and Visual Studio Denial of Service Vulnerability | .NET Core & Visual Studio | Important | 7.5 | Denial of Service | No | No |
CVE-2024-0056 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | SQL Server | Important | 8.7 | Repudiation:Security Feature Bypass | No | No |
CVE-2024-0057 | NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | .NET and Visual Studio | Important | 9.1 | Security Feature Bypass | No | No |
CVE-2024-20652 | Windows HTML Platforms Security Feature Bypass Vulnerability | Windows Scripting | Important | 7.5 | Security Feature Bypass | No | No |
CVE-2024-20653 | Microsoft Common Log File System Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20655 | Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 6.6 | Remote Code Execution | No | No |
CVE-2024-20656 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20660 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-20661 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2024-20662 | Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 4.9 | Information Disclosure | No | No |
CVE-2024-20663 | Windows Message Queuing Client (MSMQC) Information Disclosure | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-20664 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-21316 | Windows Server Key Distribution Service Security Feature Bypass | Windows Server Key Distribution Service | Important | 6.1 | Security Feature Bypass | No | No |
CVE-2024-20681 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Windows Subsystem for Linux | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20686 | Win32k Elevation of Privilege Vulnerability | Windows Win32 Kernel Subsystem | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-20687 | Microsoft AllJoyn API Denial of Service Vulnerability | Windows AllJoyn API | Important | 7.5 | Denial of Service | No | No |
CVE-2024-20692 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Windows Local Security Authority Subsystem Service (LSASS) | Important | 5.7 | Information Disclosure | No | No |
CVE-2024-21306 | Microsoft Bluetooth Driver Spoofing Vulnerability | Microsoft Bluetooth Driver | Important | 5.7 | Spoofing | No | No |
CVE-2024-21309 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Windows Kernel-Mode Drivers | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-21310 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2024-21311 | Windows Cryptographic Services Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
CVE-2024-21312 | .NET Framework Denial of Service Vulnerability | .NET Framework | Important | 7.5 | Denial of Service | No | No |
CVE-2024-21314 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2024-21318 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Remote Code Execution | No | No |
CVE-2024-21319 | Microsoft Identity Denial of service vulnerability | Microsoft Identity Services | Important | 6.8 | Denial of Service | No | No |
CVE-2024-21320 | Windows Themes Spoofing Vulnerability | Windows Themes | Important | 6.5 | Spoofing | No | No |
Quickly Find and Fix Your Most At-Risk Weaknesses
Watch this demo to see how Frontline VM can help.
The post Patch Tuesday Update – January 2024 appeared first on Digital Defense.
*** This is a Security Bloggers Network syndicated blog from Digital Defense authored by Digital Defense by Fortra. Read the original post at: https://www.digitaldefense.com/vulnerability-research/patch-tuesday-update-january-2024/