During the month of January 2024, Microsoft has identified 48 vulnerabilities in their current OS. The most critical CVEs are noted below:
*There aren’t any actively exploited or publicly disclosed vulnerabilities this month.*
Other Critical CVEs worth mentioning:
- CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability
  - The bug would allow an unauthenticated attacker to perform a machine-in-the-middle (MitM) attack that spoofs a Kerberos server.
  - While this vulnerability would take some time to set up, Microsoft has given this bug its highest exploitability index rating (1), which means they expect to see public exploit code within the next month.
- CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability
  - Successful exploitation of this vulnerability requires an attacker to win a race condition.
  - This vulnerability requires neither authentication nor user interaction, which makes the severity even greater.
- CVE-2024-0056 – Microsoft.Data.SqlClient & System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
  - Could allow an AiTM attacker to decrypt, read, or modify TLS traffic between an affected client and server.
- CVE-2024-0057 – .NET and Visual Studio Framework Security Feature Bypass Vulnerability
  - An attacker could exploit this by creating a specially crafted X.509 certificate that intentionally introduces or induces a chain-building failure.
  - This could allow an adversary to subvert the app’s typical authentication logic.
- CVE-2024-20672 – .NET Core and Visual Studio Denial of Service Vulnerability
  - Could allow an attacker to cause a Denial of Service within the .NET Core and Visual Studio Codecs.
- CVE-2024-21312 – .NET Framework Denial of Service Vulnerability
  - Could allow an attacker to cause a Denial of Service within the .NET Framework.
Other 3rd Party Critical CVEs worth mentioning:
Adobe (not handled by FSRM):
- Adobe released 1 patch covering 6 CVEs for Adobe Substance 3D Stager.
Cisco (not handled by FSRM):
- Cisco Releases Security Updates for Multiple Products
- Cisco released security updates for a privilege elevation flaw in the Cisco Identity Services Engine
Google Chrome:
- Version 120.0.6099.216/217 was released on January 9th.
- Most notable CVEs addressed:
  - CVE-2024-0333: Insufficient data validation in Extensions.
- Chrome Release: January 9th 2024
Ivanti (not handled by FSRM):
Juniper (not handled by FSRM):
Mozilla:
- Security Vulnerabilities fixed in Firefox 121
- Security Vulnerabilities fixed in Firefox ESR 115.6
- Security Vulnerabilities fixed in Thunderbird 115.6
SAP (not handled by FSRM):
Additional Links:
Microsoft:
CISA:
- Apple Releases Security Updates for Multiple Products
- Cisco Releases Security Advisory for Cisco Unity Connection
- Fortinet Releases Security Updates for FortiOS and FortiProxy
- Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
- Microsoft Releases Security Updates for Multiple Products
- Mozilla Releases Security Updates for Firefox and Thunderbird
- Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved
- Juniper Releases Security Advisory for Juniper Secure Analytics
ETC:
Fortress SRM recommends expediting your current Patch Installation process to close these vulnerabilities that may be in your environment. If you are interested in taking this accelerated approach, please submit a ticket to [email protected] and one of our 24/7 Security Operational Center Analysts can work with you to determine the accelerated window your company should take.
If you have already taken steps to expedite your patch process permanently, please treat this email as informational and rest assured that these will be dealt with in your expedited timeframe.
Should you have any questions or concerns, please do not hesitate to contact us. The Fortress SRM team can be reached anytime at 1-888-890-6272 or by email at [email protected].
For general information on Fortress SRM’s solution offerings please contact your Client Experience Manager.