{"id":23699,"date":"2024-01-13T13:10:06","date_gmt":"2024-01-13T21:10:06","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/01\/13\/news-17429\/"},"modified":"2024-01-13T13:10:06","modified_gmt":"2024-01-13T21:10:06","slug":"news-17429","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/01\/13\/news-17429\/","title":{"rendered":"Patch now! First patch Tuesday of 2024 is here"},"content":{"rendered":"\n<p>Microsoft has issued patches for 48 security vulnerabilities in the first Patch Tuesday of 2024. With a relatively low number of patches\u2014and only two of them critical\u2014this makes it a relatively quiet month, which is certainly not the norm in January.<\/p>\n<p>The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVE IDs for the two critical vulnerabilities are:<\/p>\n<p><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-20674\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2024-20674<\/a> is a Windows Kerberos security feature bypass vulnerability with a <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2020\/05\/how-cvss-works-characterizing-and-scoring-vulnerabilities\">CVSS score<\/a> of 9.0 out of 10. An authenticated attacker could exploit this vulnerability by establishing a <a href=\"https:\/\/www.malwarebytes.com\/glossary\/man-in-the-middle-mitm\">machine-in-the-middle (MITM)<\/a> attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server.<\/p>\n<p>Kerberos is an authentication protocol that is used to verify the identity of a user or host. To make use of this vulnerability the attacker will need to gain access to the restricted network before being able to run an attack. 
Nevertheless, Microsoft thinks exploitation is \u201cmore likely,\u201d which means the vulnerability could be exploited as part of an attack chain.<\/p>\n<p><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-20700\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2024-20700<\/a> is a Windows Hyper-V Remote Code Execution (RCE) vulnerability with a CVSS score of 7.5 out of 10. Successful exploitation of this vulnerability might be hard because it requires an attacker to win a race condition, and they first need to gain access to the restricted network before running an attack.<\/p>\n<p>Hyper-V is the Windows hardware virtualization service. It enables users to create and run a software version of a computer, called a <a href=\"https:\/\/www.malwarebytes.com\/glossary\/virtual-machine\">virtual machine<\/a>. Sometimes these virtual machines are attractive targets for cybercriminals. But the advisory is not very clear on the exact circumstances or context that would allow the RCE.<\/p>\n<p>One other vulnerability, classified as important, that might turn out to be of interest, at least for some users, is:<\/p>\n<p><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2024-20677\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2024-20677<\/a> is a Microsoft Office Remote Code Execution (RCE) vulnerability with a CVSS score of 7.8 out of 10. A security vulnerability in FBX could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365.<\/p>\n<p>FBX files are a type of 3D model file created using the Autodesk FBX software. 
When you try to insert an FBX file into Word, Excel, PowerPoint, or Outlook, you will see the following error: \u201cAn error occurred while importing this file.\u201d If you\u2019d like to re-enable this ability, you can find the reasons why you shouldn\u2019t, and how to do it, on this <a href=\"https:\/\/support.microsoft.com\/en-au\/topic\/support-for-fbx-files-has-been-turned-off-in-office-9f2387f1-84ec-496a-a288-2c6f774db219\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Microsoft Support page<\/a>.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-other-vendors\">Other vendors<\/h3>\n<p>Other vendors have synchronized their periodic updates with Microsoft. Here are a few major ones that you may find in your environment.<\/p>\n<ul>\n<li>Adobe <a href=\"https:\/\/helpx.adobe.com\/security\/products\/substance3d_stager\/apsb24-06.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">released a patch<\/a> addressing six CVEs in Substance 3D Stager.<\/li>\n<li>Google published the <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2024-01-01\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Android Security Bulletin for January 2024<\/a>.<\/li>\n<li>Fortinet has <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-23-315\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">released a security update<\/a> to address a vulnerability in FortiOS and FortiProxy software.<\/li>\n<li>SAP has released its\u00a0<a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">January 2024 Patch Day<\/a>\u00a0updates.<\/li>\n<\/ul>\n","protected":false},
"excerpt":{"rendered":"<p> Microsoft&#8217;s patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[30705,30706,30707,22783,30708,20790,30680,10516,32,19245],"class_list":["post-23699","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cve-2024-20674","tag-cve-2024-20677","tag-cve-2024-20700","tag-exploits-and-vulnerabilities","tag-fbx","tag-hyper-v","tag-kerberos","tag-microsoft","tag-news","tag-patch-tuesday"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23699"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23699\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23699"}],"wp:term":[{"ta
xonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23699"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}