Patch Tuesday

​Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws.

This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.'

Microsoft gave the vulnerabilities this severity rating as they allow remote code execution, bypass security features, or elevate privileges.

The number of bugs in each vulnerability category is listed below:

  • 39 Elevation of Privilege Vulnerabilities
  • 4 Security Feature Bypass Vulnerabilities
  • 33 Remote Code Execution Vulnerabilities
  • 10 Information Disclosure Vulnerabilities
  • 10 Denial of Service Vulnerabilities
  • 2 Spoofing Vulnerabilities

One zero-day fixed

This month's Patch Tuesday fixes one zero-day vulnerability, one actively exploited and the other publicly disclosed.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The actively exploited zero-day vulnerability fixed in today's updates is:

CVE-2023-21674 - Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability discovered by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast.

Microsoft states that this is a Sandbox escape vulnerability that can lead to the elevation of privileges.

"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," explains Microsoft's advisory.

Avast shared the following information about the zero-day with BleepingComputer:

"We have discovered the zero-day by using our anti-exploit engine, which monitors for suspicious application behavior and detects indicators of ongoing exploitation activity. We observed an active exploitation of the vulnerability, and also can say that the vulnerability is likely part of a longer infection chain through browser, because for the CVE-2023-21674 exploit to work, the attackers already had to somehow obtain the ability to run arbitrary native code inside a sandboxed renderer process. This is something that is normally not possible against a fully patched browser unless the attackers possess a separate renderer 0-day exploit. However, we do not have the full chain." - Avast.

Microsoft also stated that 'CVE-2023-21549 - Windows SMB Witness Service Elevation of Privilege Vulnerability' was publicly disclosed.

However, BleepingComputer was told by Akamai security researcher Stiv Kupchik that they followed the regular disclosure process and the vulnerability should not be classified as publicly disclosed.

Recent updates from other companies

Other vendors who released updates in January 2023 include:

The January 2023 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities and released advisories in the January 2023 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Tag CVE ID CVE Title Severity
.NET Core CVE-2023-21538 .NET Denial of Service Vulnerability Important
3D Builder CVE-2023-21782 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21781 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21783 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21784 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21791 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21793 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21786 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21790 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21780 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21792 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21789 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21785 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21787 3D Builder Remote Code Execution Vulnerability Important
3D Builder CVE-2023-21788 3D Builder Remote Code Execution Vulnerability Important
Azure Service Fabric Container CVE-2023-21531 Azure Service Fabric Container Elevation of Privilege Vulnerability Important
Microsoft Bluetooth Driver CVE-2023-21739 Windows Bluetooth Driver Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2023-21764 Microsoft Exchange Server Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2023-21763 Microsoft Exchange Server Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2023-21762 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2023-21761 Microsoft Exchange Server Information Disclosure Vulnerability Important
Microsoft Exchange Server CVE-2023-21745 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Graphics Component CVE-2023-21680 Windows Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2023-21532 Windows GDI Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2023-21552 Windows GDI Elevation of Privilege Vulnerability Important
Microsoft Local Security Authority Server (lsasrv) CVE-2023-21728 Windows Netlogon Denial of Service Vulnerability Important
Microsoft Message Queuing CVE-2023-21537 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2023-21734 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2023-21735 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2023-21742 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2023-21743 Microsoft SharePoint Server Security Feature Bypass Vulnerability Critical
Microsoft Office SharePoint CVE-2023-21744 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2023-21741 Microsoft Office Visio Information Disclosure Vulnerability Important
Microsoft Office Visio CVE-2023-21736 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2023-21737 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2023-21738 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft WDAC OLE DB provider for SQL CVE-2023-21681 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2023-21779 Visual Studio Code Remote Code Execution Important
Windows ALPC CVE-2023-21674 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2023-21768 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Authentication Methods CVE-2023-21539 Windows Authentication Remote Code Execution Vulnerability Important
Windows Backup Engine CVE-2023-21752 Windows Backup Service Elevation of Privilege Vulnerability Important
Windows Bind Filter Driver CVE-2023-21733 Windows Bind Filter Driver Elevation of Privilege Vulnerability Important
Windows BitLocker CVE-2023-21563 BitLocker Security Feature Bypass Vulnerability Important
Windows Boot Manager CVE-2023-21560 Windows Boot Manager Security Feature Bypass Vulnerability Important
Windows Credential Manager CVE-2023-21726 Windows Credential Manager User Interface Elevation of Privilege Vulnerability Important
Windows Cryptographic Services CVE-2023-21559 Windows Cryptographic Information Disclosure Vulnerability Important
Windows Cryptographic Services CVE-2023-21551 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Critical
Windows Cryptographic Services CVE-2023-21561 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Critical
Windows Cryptographic Services CVE-2023-21540 Windows Cryptographic Information Disclosure Vulnerability Important
Windows Cryptographic Services CVE-2023-21730 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Critical
Windows Cryptographic Services CVE-2023-21550 Windows Cryptographic Information Disclosure Vulnerability Important
Windows DWM Core Library CVE-2023-21724 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows Error Reporting CVE-2023-21558 Windows Error Reporting Service Elevation of Privilege Vulnerability Important
Windows Event Tracing CVE-2023-21536 Event Tracing for Windows Information Disclosure Vulnerability Important
Windows IKE Extension CVE-2023-21758 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Important
Windows IKE Extension CVE-2023-21683 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Important
Windows IKE Extension CVE-2023-21677 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Important
Windows Installer CVE-2023-21542 Windows Installer Elevation of Privilege Vulnerability Important
Windows Internet Key Exchange (IKE) Protocol CVE-2023-21547 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability Important
Windows iSCSI CVE-2023-21527 Windows iSCSI Service Denial of Service Vulnerability Important
Windows Kernel CVE-2023-21755 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2023-21753 Event Tracing for Windows Information Disclosure Vulnerability Important
Windows Layer 2 Tunneling Protocol CVE-2023-21556 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Critical
Windows Layer 2 Tunneling Protocol CVE-2023-21555 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Critical
Windows Layer 2 Tunneling Protocol CVE-2023-21543 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Critical
Windows Layer 2 Tunneling Protocol CVE-2023-21546 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Critical
Windows Layer 2 Tunneling Protocol CVE-2023-21679 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Critical
Windows LDAP - Lightweight Directory Access Protocol CVE-2023-21676 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Important
Windows LDAP - Lightweight Directory Access Protocol CVE-2023-21557 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows Local Security Authority (LSA) CVE-2023-21524 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Important
Windows Local Session Manager (LSM) CVE-2023-21771 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Important
Windows Malicious Software Removal Tool CVE-2023-21725 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability Important
Windows Management Instrumentation CVE-2023-21754 Windows Kernel Elevation of Privilege Vulnerability Important
Windows NTLM CVE-2023-21746 Windows NTLM Elevation of Privilege Vulnerability Important
Windows ODBC Driver CVE-2023-21732 Microsoft ODBC Driver Remote Code Execution Vulnerability Important
Windows Overlay Filter CVE-2023-21766 Windows Overlay Filter Information Disclosure Vulnerability Important
Windows Overlay Filter CVE-2023-21767 Windows Overlay Filter Elevation of Privilege Vulnerability Important
Windows Point-to-Point Tunneling Protocol CVE-2023-21682 Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability Important
Windows Print Spooler Components CVE-2023-21760 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Print Spooler Components CVE-2023-21765 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Print Spooler Components CVE-2023-21678 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Remote Access Service L2TP Driver CVE-2023-21757 Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability Important
Windows RPC API CVE-2023-21525 Remote Procedure Call Runtime Denial of Service Vulnerability Important
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2023-21548 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2023-21535 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Smart Card CVE-2023-21759 Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability Important
Windows Task Scheduler CVE-2023-21541 Windows Task Scheduler Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21772 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21748 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21773 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21747 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21776 Windows Kernel Information Disclosure Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21774 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21750 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21675 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Virtual Registry Provider CVE-2023-21749 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Workstation Service CVE-2023-21549 Windows SMB Witness Service Elevation of Privilege Vulnerability Important

Related Articles:

Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

Windows 10 KB5034763 update released with new fixes, changes

Windows 11 KB5035853 update released, here's what's new

Windows 10 KB5035845 update released with 9 new changes, fixes