[Nulled] » Information security » Microsoft's January PatchTuesday was released with fixes for a record 98 documented software vulnerabilities.
January 16 2023

Microsoft's January PatchTuesday was released with fixes for a record

web3 16-01-2023, 12:43 Information security 179

Microsoft's January PatchTuesday was released with fixes for a record 98 documented software vulnerabilities.

Eleven of them are classified as critical, including 0-day, of which 39 are privilege escalation, 4 are security bypassing, 33 are RCE, 10 are information disclosure, 10 are DoS and 2 are spoofing.

The actively exploited vulnerability CVE-2023-21674 discovered by Avast researchers was used in real attacks to exit the browser sandbox.

However, as usual, Microsoft does not disclose details about the vulnerability or the circumstances of the identified attacks.

It affects the Windows Advanced Local Procedure Call (ALPC) component and allows an attacker to gain system privileges.

The developer also drew attention to CVE-2023-21549, the issue of privilege escalation in Windows SMB Witness Service, warning that technical details about the vulnerability are already publicly available.

To use it, an attacker can execute a specially created malicious script that makes a call to the RPC node, which can lead to an elevation of privileges on the server.

Microsoft added that an attacker who successfully exploited the vulnerability could perform RPC functions available only to privileged accounts.

Other January fixes address code execution, denial of service, and privilege escalation errors in a wide range of WIndows OS and system components, including Office, Net Core and Visual Studio Code, Microsoft Exchange Server, Windows Print Queue Manager, Windows Defender, and Windows BitLocker.

A full list of all closed vulnerabilities can be found here.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: web3
  • Date of publication: 16 January 2023 12:43
  • Publication category(s): Information security
  • Number of views of the publication: 179
  • Number of comments to the publication: 0

Related News

16 January 2023
Information security
An equally impressive

An equally impressive update was released by Google as part of the January patch for Android.

Read more
16 January 2023
Information security
At least 29 security

At least 29 security vulnerabilities have been fixed by Adobe developers in their corporate product line,

Read more
16 January 2023
Information security
The first January ICS

The first January ICS fixes came up with a dozen security recommendations from Siemens and Schneider Electric,

Read more
16 January 2023
Information security
Microsoft, as usual,

Microsoft, as usual, quietly fixed an important security vulnerability in the Azure service (ACS) after

Read more
16 January 2023
Information security
Potentially serious UEFI

Potentially serious UEFI firmware vulnerabilities in Qualcomm Snapdragon chips affect many devices manufactured by

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +5 Total articles 6751
  • +17 Comments 4235
  • +22 Users : 6069