48 Microsoft Windows OS vulnerabilities

Microsoft released its first batch of Patch Tuesday fixes for 2024, addressing fewer security flaws compared to the previous year. This January 2024 Patch Tuesday addresses 48 CVEs, including two critical-severity and 46 important-severity vulnerabilities. Additionally, Microsoft has republished information on 5 non-Microsoft CVEs which include vulnerabilities in Microsoft Edge (Chromium-based) and an SQLite vulnerability. None of the vulnerabilities mentioned are known to have been exploited in the wild.

Let’s take a closer look at the most interesting updates for this month.

Notable Critical Microsoft Vulnerabilities

⭕ Critical |Windows Kerberos Security Feature Bypass Vulnerability

CVE-2024-20674 targets Kerberos, a network authentication protocol that serves as the default Windows authentication protocol. It is utilized for authenticating users and computers on a Windows network and for enabling single sign-on access control. An attacker can exploit this vulnerability by conducting a machine-in-the-middle (MITM) attack and then send a malicious Kerberos message to the client victim machine. This action could bypass authentication and allow the attacker to impersonate the Kerberos authentication server.

⭕ Critical | Windows Hyper-V Remote Code Execution Vulnerability

CVE-2024-20700 targets Hyper-V, which is responsible for hardware virtualization. However, for an attack to be initiated, an attacker must first gain access to a restricted network, specifically the same subnet as the hypervisor. Successful exploitation of the vulnerability requires the attacker winning a race condition. If successful, code execution can occur within a SYSTEM context on the Hyper-V host.

‍

Runecast protects you against all of these vulnerabilities

Runecast covers 39 vulnerabilities that specifically affect Windows operating systems, all mentioned below:

Full list of CVEs listed in this patch

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

CVE-2024-21305

Microsoft AllJoyn API Denial of Service Vulnerability

CVE-2024-20687

Windows Kerberos Security Feature Bypass Vulnerability

CVE-2024-20674

BitLocker Security Feature Bypass Vulnerability

CVE-2024-20666

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2024-21310

Windows CoreMessaging Information Disclosure Vulnerability

CVE-2024-20694

Microsoft Common Log File System Elevation of Privilege Vulnerability

CVE-2024-20653

Windows Cryptographic Services Remote Code Execution Vulnerability

CVE-2024-20682

Windows Cryptographic Services Information Disclosure Vulnerability

CVE-2024-21311

Windows Group Policy Elevation of Privilege Vulnerability

CVE-2024-20657

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-20699

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2024-20700

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-20698

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-21309

Windows Libarchive Remote Code Execution Vulnerability

CVE-2024-20697

Windows Libarchive Remote Code Execution Vulnerability

CVE-2024-20696

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVE-2024-20692

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-20660

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-20664

Windows Message Queuing Client (MSMQC) Information Disclosure

CVE-2024-20680

Windows Message Queuing Client (MSMQC) Information Disclosure

CVE-2024-20663

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-21314

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2024-20661

Windows Nearby Sharing Spoofing Vulnerability

CVE-2024-20690

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2024-20654

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

CVE-2024-20662

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

CVE-2024-20655

Windows HTML Platforms Security Feature Bypass Vulnerability

CVE-2024-20652

Windows Server Key Distribution Service Security Feature Bypass

CVE-2024-21316

Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVE-2024-20681

Windows TCP/IP Information Disclosure Vulnerability

CVE-2024-21313

Windows Themes Information Disclosure Vulnerability

CVE-2024-20691

Windows Themes Spoofing Vulnerability

CVE-2024-21320

Win32k Elevation of Privilege Vulnerability

CVE-2024-20686

Win32k Elevation of Privilege Vulnerability

CVE-2024-20683

‍

Meet other Runecasters here:

Behind-the-Scenes: Meet Andrea Ferrazza

This is some text inside of a div block.

Runecast Behind the Scenes with Lubo Hruban

This is some text inside of a div block.

Runecast Behind the Scenes with Yassine Hakimi

This is some text inside of a div block.

Behind-the-Scenes at Runecast with Steve Bettison

This is some text inside of a div block.

Runecast Behind-the-Scenes | Featuring Daniel Jones

This is some text inside of a div block.

Written by

Adrian Borlea

Adrian is Windows Security Researcher at Runecast and an IT enthusiast with over 10 years of experience. He has worked as a Network and Systems Administrator for various companies and sectors, involved in complex projects starting from infrastructure planning, implementation, troubleshooting and continuous improvement processes.

In the last few years, Adrian has been involved in cyber-security projects, working with multiple tools for vulnerability management, compliance, IDS/IPS, GDPR compliance and infrastructure monitoring against cyber-attacks.

‍

→ Read more from this author

Run Secure and Compliant Workloads Anywhere

Let Runecast detect and assess risks, so you can be fully compliant in minutes.

Get Free Trial

In this article:

⭕ Critical |Windows Kerberos Security Feature Bypass Vulnerability

⭕ Critical | Windows Hyper-V Remote Code Execution Vulnerability

Runecast protects you against all of these vulnerabilities

Microsoft Bluetooth Driver Spoofing Vulnerability

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Remote Desktop Client Remote Code Execution Vulnerability

MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

Microsoft AllJoyn API Denial of Service Vulnerability

Windows Kerberos Security Feature Bypass Vulnerability

BitLocker Security Feature Bypass Vulnerability

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Windows CoreMessaging Information Disclosure Vulnerability

Microsoft Common Log File System Elevation of Privilege Vulnerability

Windows Cryptographic Services Remote Code Execution Vulnerability

Windows Cryptographic Services Information Disclosure Vulnerability

Windows Group Policy Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows Libarchive Remote Code Execution Vulnerability

Windows Libarchive Remote Code Execution Vulnerability

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Microsoft Message Queuing Information Disclosure Vulnerability

Microsoft Message Queuing Information Disclosure Vulnerability

Windows Message Queuing Client (MSMQC) Information Disclosure

Windows Message Queuing Client (MSMQC) Information Disclosure

Microsoft Message Queuing Information Disclosure Vulnerability

Microsoft Message Queuing Denial of Service Vulnerability

Windows Nearby Sharing Spoofing Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

Windows HTML Platforms Security Feature Bypass Vulnerability

Windows Server Key Distribution Service Security Feature Bypass

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Windows TCP/IP Information Disclosure Vulnerability

Windows Themes Information Disclosure Vulnerability

Windows Themes Spoofing Vulnerability

Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Meet other Runecasters here:

Run Secure and Compliant Workloads Anywhere