Microsoft’s January 2024 Patch Tuesday Addresses 49 Vulnerabilities, Including Two Critical Vulnerabilities

Microsoft’s first Patch Tuesday of 2024 has arrived, and it’s a significant one. The tech giant has released fixes for a total of 49 vulnerabilities, including 12 remote code execution (RCE) vulnerabilities and two critical vulnerabilities. 

What’s the January Patch Tuesday update from Microsoft?  

The two most notable vulnerabilities from Microsoft’s January Patch Tuesday include: 

  • CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability requires an attacker to first gain access to the network before launching an attack.
  • CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability. An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. 

These vulnerabilities are particularly concerning due to their potential to allow unauthorized access and control over affected systems. The fact that they require network access before an attack can be launched underscores the importance of robust network security measures. 

As of this writing, there were no known actively exploited vulnerabilities this month, making it the second consecutive Patch Tuesday with no zero days. This is a positive trend, but it’s important to remember that the cybersecurity landscape is dynamic and constantly evolving. The absence of zero-day exploits does not mean that systems are immune to threats. 

The complete list of resolved vulnerabilities in the January 2024 Patch Tuesday updates can be viewed in the full report. This comprehensive list provides a detailed overview of the vulnerabilities addressed, offering valuable insights into the current cybersecurity landscape. 

What is Nuspire doing? 

Nuspire applies patches when released, in accordance with vendor recommendations, and actively threat hunts for indications of compromise within client environments. This proactive approach helps to ensure that any potential threats are identified and addressed as quickly as possible. 

What should I do? 

Even though none of the vulnerabilities are listed as publicly known or under active attack at the time of release, it’s still crucial for organizations to review the security updates promptly. The first step is to identify any technologies used within your environment that are affected by these vulnerabilities. Once identified, updates should be provided as soon as possible to prevent malicious threat actors from exploiting these vulnerabilities. 

Threat actors are known to quickly develop new exploits for vulnerabilities once they are announced. Therefore, it’s essential to stay vigilant and proactive in applying these patches to protect your systems and data. 

While this month’s Patch Tuesday has brought with it a number of vulnerabilities, it’s important to remember that they are being actively addressed. By staying informed and taking proactive steps to update your systems, you can help to ensure the security of your network. Remember, the best defense is a good offense. Stay safe, stay updated and stay ahead of the threats.

Have you registered for our next event?