Patch Tuesday round fixes 49 bugs including serious Kerberos leak


Microsoft fixed 49 bugs in the January Patch Tuesday round. One of them is a serious remote code execution vulnerability in the Kerberos authentication protocol, which Microsoft expects to be exploited.

Microsoft released cumulative updates KB5034123 for Windows 11 versions 23H2 and 22H2, and KB5034122 for Windows 10 versions 21H2 and 22H2. In this Patch Tuesday round the company fixes a total of 49 vulnerabilities, a relatively low number. Twelve of them allow remote code execution. Two bugs are rated Critical. One of them is CVE-2024-20700, a remote code execution bug in Hyper-V that allows an attacker to take over a virtual machine. Exploiting it requires first gaining access to the network and then winning a race condition.
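The article names the two cumulative updates but not how to confirm they are present. The following PowerShell check is an added example (not from the article or from Microsoft) that maps the running Windows release to the KB the article names for it and looks the update up in the installed-hotfix list. The KB identifiers come from the article; the build-number boundary used to tell Windows 11 from Windows 10 (build 22000 and above is Windows 11) is general knowledge and not from the article.

```powershell
# Added example, not from the original article: check whether the January
# cumulative update the article names for this OS is installed on this host.
# KB IDs are taken from the article; build 22000 as the Windows 10/11 boundary
# is general knowledge, not something the article states.
$os    = Get-CimInstance -ClassName Win32_OperatingSystem
$build = [int]$os.BuildNumber

# Map the running OS to the KB the article names for it.
$expectedKb = if ($build -ge 22000) { 'KB5034123' } else { 'KB5034122' }

Write-Host "OS: $($os.Caption) build $build, expecting $expectedKb"

# Get-HotFix wraps Win32_QuickFixEngineering. A missing KB is reported as a
# non-terminating error, so suppress it and test the result instead.
$installed = Get-HotFix -Id $expectedKb -ErrorAction SilentlyContinue

if ($installed) {
    Write-Host "$expectedKb installed on $($installed.InstalledOn)"
} else {
    # Cumulative updates supersede one another, so a later LCU may have replaced
    # this one. Show the most recent updates so the reviewer can judge rather than
    # treating 'not found' as 'unpatched'.
    Write-Warning "$expectedKb not found; most recent updates installed:"
    Get-HotFix |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 5 HotFixID, Description, InstalledOn
}
```

Because later monthly cumulative updates replace this one, the absence of the exact KB is not by itself evidence that the host is exposed; the fallback listing exists so that a newer cumulative update can be recognised and the OS build compared against Microsoft's release notes.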

The other critical bug is CVE-2024-20674, a feature bypass vulnerability in the Kerberos authentication protocol. Microsoft says it is likely that this vulnerability will be exploited in the future. An attacker can use it to bypass authentication in, for example, an Entra ID (formerly Azure Active Directory) environment by spoofing a user. Microsoft cites a man-in-the-middle attack as an example of how this could be done. The company does not provide any further details about the vulnerability, but gives it a CVSS score of 9.

The Patch Tuesday round also fixes ten privilege escalation bugs and seven security feature bypasses. Eleven information disclosure bugs, six denial-of-service bugs, and three spoofing vulnerabilities have also been fixed.