This Tuesday, Microsoft released its first scheduled updates of 2023. The January Patch Tuesday update bundle addressed 98 different vulnerabilities in various Microsoft products, including a zero-day.
Microsoft Addressed A Zero-Day Vulnerability
The most important bug fix in the January 2023 Patch Tuesday addressed a privilege escalation vulnerability in the Windows Advanced Local Procedure Call (ALPC). Identified as CVE-2023-21674, this vulnerability received an important severity rating from Microsoft and a CVSS score of 8.8.
Microsoft has confirmed detecting active exploitation of this vulnerability in the past month, despite no public disclosure. As described in its advisory, exploiting the flaw could allow an adversary to gain SYSTEM privileges through a browser sandbox escape.
In addition, another important vulnerability, also a privilege escalation, existed in the Windows SMB Witness Service. This vulnerability became publicly known before a fix could arrive, but it had not been exploited.
This elevation of privilege flaw, CVE-2023-21549, also received a CVSS score of 8.8. According to Microsoft’s advisory, an adversary could exploit the flaw by executing malicious scripts that make an RPC call to the target RPC host. Consequently, the attacker could gain elevated privileges to execute RPC functions on the target server.
Other January Patch Tuesday Updates From Microsoft
Alongside the two crucial bug fixes, this Patch Tuesday also addressed 11 critical and 85 important severity vulnerabilities. It includes no fixes for moderate or low-severity vulnerabilities. This makes the first monthly update of 2023 a large one, addressing significant security issues across different products.
In terms of impact, the largest group of these vulnerabilities could allow privilege escalation (39 issues), followed by remote code execution flaws (33). In addition, a few other vulnerabilities could result in information disclosure (10), denial of service (10), security feature bypass (4), and spoofing (2).
While most Microsoft products will receive the recent patches automatically, users should still check their systems manually for any pending security updates so they get the fixes as early as possible.