As of the first Patch Tuesday of 2023, Microsoft has fixed 98 security flaws, including vulnerabilities currently being exploited and publicly known ones, as per TechRadar. Eleven of these have been labeled "critical" because they allow threat actors to execute malicious code remotely.
Microsoft's 2023 Patch Tuesday
The report tells us that one of the vulnerabilities currently being exploited is CVE-2023-21674, a Windows advanced local procedure call (ALPC) elevation of privilege vulnerability. This flaw allows attackers to gain system privileges and has a severity score of 8.8.
A Microsoft advisory states that "This vulnerability could lead to a browser sandbox escape." The flaw was discovered by Avast researchers Jan Vojtek, Milánek, and Przemek Gmerek.
According to Satnam Narang, senior staff research engineer at Tenable, vulnerabilities like CVE-2023-21674 are typically developed by advanced persistent threat (APT) groups as part of targeted attacks. "The likelihood of widespread exploitation of an exploit chain like this in the future is limited due to auto-update functionality used to patch browsers," he stated.
Meanwhile, CVE-2023-21549 is a Windows SMB Witness Service elevation of privilege vulnerability with a similarly high severity score of 8.8. Hackers can exploit this vulnerability to execute remote procedure call functions usually reserved for privileged accounts.
According to the security alert, an attacker can exploit this vulnerability by executing a specially crafted malicious script to perform an RPC call to an RPC host.
More from the Patch
Many other noteworthy vulnerabilities have been fixed in this patch, such as:
- CVE-2023-21743, a Microsoft SharePoint Server security feature bypass vulnerability that allows threat actors to bypass expected user access as an unauthenticated user. "Customers must also trigger a SharePoint upgrade action included in this update to protect their SharePoint farm," according to the tech firm.
- CVE-2023-21762 and CVE-2023-21745, spoofing vulnerabilities in Microsoft Exchange servers.
- CVE-2023-21763 and CVE-2023-21764, elevation of privilege flaws in Exchange servers.
The January update also addresses further privilege escalation flaws, one in Windows Credential Manager (CVE-2023-21726, CVSS score: 7.8) and three in the Print Spooler component (CVE-2023-21678, CVE-2023-21760, and CVE-2023-21765), TheHackerNews tells us.
It is also important to note that CVE-2023-21678 was reported by the United States National Security Agency (NSA). In total, 39 of the security holes that Microsoft's latest patch fixes can be used to gain more privileges.
CVE-2023-21549 (CVSS score: 8.8), a publicly known elevation of privilege vulnerability in the Windows SMB Witness Service, and another instance of security feature bypass affecting BitLocker round out the list (CVE-2023-21563, CVSS score: 6.8).
Windows 7 Goes Obsolete
It is worth mentioning that these are the final security updates for Windows 7 and Windows 8.1. GuidingTech tells us that Windows 7 has ended its three-year extended security updates period. Windows 8.1 will not get any updates, regardless of whether companies are willing to pay for them.
As a reminder, Windows 8.1 will be discontinued on Jan. 10, so technical support and software updates will no longer be available.
For Windows 8.1, Microsoft will not provide an Extended Security Update (ESU) program. Those who continue to use Windows 8.1 after Jan. 10 may face increased security risks or difficulties meeting compliance requirements.
Stay posted here at Tech Times.