Microsoft kicked off 2024 with its first Patch Tuesday, delivering a batch of security fixes for 49 vulnerabilities across various products, including Windows, Office, and Hyper-V. While the number of patches might seem smaller compared to some previous rounds, it’s crucial to address the 12 remote code execution (RCE) flaws included, as these vulnerabilities could allow attackers to take control of affected systems.
Key Highlights:
- Microsoft January Patch Tuesday addresses 49 vulnerabilities, including 12 remote code execution (RCE) flaws.
- Two critical vulnerabilities patched: Windows Kerberos security bypass and Hyper-V RCE bug.
- Office RCE vulnerability fixed, disabling FBX 3D model insertion in affected applications.
- No actively exploited or publicly disclosed vulnerabilities identified.
- Users urged to apply updates promptly to maintain system security.
Critical Bugs Patched: Kerberos and Hyper-V in Focus
Among the most noteworthy fixes are two critical vulnerabilities. The first, CVE-2024-20674, resides in Windows Kerberos and could be exploited by attackers to bypass security features and gain unauthorized access to a system. This vulnerability carries a CVSS score of 9.0, highlighting its serious nature. Another critical RCE bug, CVE-2024-20670, affects Hyper-V, Microsoft’s virtualization platform. Successful exploitation could allow attackers to remotely execute code on a virtual machine, potentially compromising the host system as well.
Office RCE Vulnerability: FBX Files Under Scrutiny
Microsoft also addressed an RCE vulnerability in Office applications (CVE-2024-20677) that could be leveraged through maliciously crafted documents containing embedded FBX 3D model files. To mitigate this risk, Microsoft has temporarily disabled the ability to insert FBX files in Word, Excel, PowerPoint, and Outlook versions for both Windows and Mac. Users are advised to keep these applications updated and exercise caution when opening documents from untrusted sources.
Other Patched Vulnerabilities and Overall Risk
The remaining vulnerabilities addressed in this Patch Tuesday span various categories, including elevation of privilege flaws, security feature bypasses, information disclosure vulnerabilities, and denial-of-service bugs. While none of these are currently known to be exploited in the wild, applying the updates remains crucial to maintain a robust security posture.
Prioritizing Patch Deployment and Staying Vigilant
Microsoft strongly encourages users and administrators to deploy the January Patch Tuesday updates as soon as possible. These updates are available through various channels, including Windows Update, Microsoft Update Catalog, and WSUS. It’s also important to stay vigilant and follow security best practices, such as using strong passwords, exercising caution when clicking on links or opening attachments, and avoiding downloading software from untrusted sources.
By taking these steps, users can mitigate the risks associated with the vulnerabilities addressed in Microsoft’s January Patch Tuesday and help maintain the security of their systems.
