Security & Threat Updates – January 2024:

Share This Article

During the month of January 2024, Microsoft has identified 48 vulnerabilities in their current OS. The most critical CVE’s are noted below:

*There aren’t any actively exploited or publicly disclosed vulnerabilities this month.*

Other Critical CVE’s worth mentioning:

  • CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability
    • The bug would allow an unauthenticated attacker to perform a machine-in-the-middle (MitM) that spoofs a Kerberos server.
    • While this vulnerability would take some time to set up, Microsoft has given this bug its highest exploitability index rating (1), which means they expect to see public exploit code within the next month.
  • CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability
    • Successful exploitation of this vulnerability requires an attacker to win a race condition.
    • This vulnerability doesn’t require authentication nor user interaction which makes the severity even greater.
  • CVE-2024-0056 – Microsoft.Data.SqlClient & System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
    • Could allow an AiTM attacker to decrypt, read, or modify TLS traffic between an affected client and server.
  • CVE-2024-0057 – .NET and Visual Studio Framework Security Feature Bypass Vulnerability
    • An attacker could exploit this by creating a specially crafted X.509 certificate that intentionally introduce or intentionally induces a chain building failure.
    • This could allow an adversary to subvert the app’s typical authentication logic.
  • CVE-2024-20672 – .NET Core and Visual Studio Denial of Service Vulnerability
    • Could allow an attacker to cause a Denial of Service within the .NET Core and Visual Studio Codecs.
  • CVE-2024-21312 – .NET Framework Denial of Service Vulnerability
    • Could allow an attacker to cause a Denial of Service within the .NET Framework.

Other 3rd Party Critical CVE’s worth mentioning:

Adobe (not handled by FSRM):

Cisco (not handled by FSRM):

Google Chrome:

  • Version 120.0.6099.216/217 was released on January 9th .
  • Most notable CVE’s addressed:
    • CVE-2024-0333: Insufficient data validation in Extensions.
  • Chrome Release: January 9th 2024

Ivanti (not handled by FSRM):

Juniper (not handled by FSRM):

Mozilla:

SAP (not handled by FSRM):

Additional Links:

Microsoft:

CISA:

ETC:

Fortress SRM recommends expediting your current Patch Installation process to close these vulnerabilities that may be in your environment. If you are interested in taking this accelerated approach, please submit a ticket to [email protected] and one of our 24/7 Security Operational Center Analysts can work with you to determine the accelerated window your company should take.

If you have already taken the steps to expediting your patch process permanently, please treat this email as informative and be rest assured that these will be dealt with in your expedited timeframe.

Should you have any questions or concerns, please do not hesitate to contact us. The Fortress SRM team can be reached anytime at 1-888-890-6272 or by email at [email protected]

For general information on Fortress SRM’s solution offerings please contact your Client Experience Manager.