Description:

Microsoft’s first Patch Tuesday of 2023 fixes 98 vulnerabilities, 11 of which have a critical CVSS severity rating. Of the 98, only one has been classified as a zero-day, meaning it was actively exploited with no official fix available when first discovered.

The zero-day vulnerability, tracked as CVE-2023-21674, could allow an attacker to escape the sandbox within a web browser and gain SYSTEM privileges if successfully exploited. The vulnerability has a CVSS score of 8.8 and requires only low-level privileges to exploit. However, the researchers who discovered the vulnerability, Jan Vojtěšek, Milánek, and Przemek Gmerek from Avast, told BleepingComputer that while they observed active exploitation of the vulnerability, it is likely part of a longer infection chain. For the observed exploit to work, the attackers must already have obtained the ability to run native code within the sandboxed renderer process, something that is usually not possible on a fully patched browser.

Several other critical vulnerabilities are related to the Windows Layer 2 Tunnelling Protocol. CVE-2023-21556, CVE-2023-21555, CVE-2023-21543, CVE-2023-21546, and CVE-2023-21679 are all classed as remote code execution vulnerabilities.

There is also a critical vulnerability affecting Microsoft SharePoint Server, tracked as CVE-2023-21744, which is also a remote code execution vulnerability. Here, an authenticated attacker with permission to create a webpage on the targeted SharePoint server could execute code remotely on a SharePoint server by creating a site using specific code. This vulnerability pairs with CVE-2023-21743, allowing an unauthenticated attacker to bypass authentication and make an anonymous connection in a network-based attack.

Information specific to different versions of the Windows operating system, such as Windows Server and Microsoft Exchange servers, is linked within Microsoft’s article on the January 2023 Security Updates.

Applying these updates as soon as possible is highly recommended to mitigate the risk of attack on your device.
