Why is it important: Patch Tuesday is an informal term used by Microsoft for the company’s monthly release of bug fixes for its software products. Like every month since October 2003, in January 2023, Microsoft fixed a lot of bugs that could bring havoc and malware to Windows.
After a lighter December 2022 release, January 2023 Patch Tuesday returns to fixing a huge number of security flaws in Microsoft software. The new updates are the latest designed to support Windows 7 and Windows 8 alongside Windows 10 and Windows 11, and they contain fixes for 98 vulnerabilities, including a potentially dangerous zero-day vulnerability.
Beyond Windows, the January 2023 Patch Tuesday list of vulnerable programs, features, and roles includes .NET Core, Azure, Microsoft Office, Exchange, Visual Studio Code, and more. Windows components in need of fixes include BitLocker, OS Boot Manager, Cryptographic Services, Kernel, Print Spooler components, and much, much more.
Among the 98 vulnerabilities fixed, eleven were classified as “critical”: Microsoft considers them the most dangerous bugs because they can be used to remotely execute code, bypass security features, and elevate user privileges to the SYSTEM level.
Based on the type of flaws and their impact on the system, Microsoft categorized the vulnerabilities as follows: 39 privilege escalation vulnerabilities, 4 security feature bypass vulnerabilities, 33 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, 10 denial of service vulnerabilities, and 2 forgery vulnerabilities. A complete list of all bug fixes and associated recommendations has been published by Bleeping Computer.
The only zero-day bug, discovered by Avast researchers and already exploited in the wild by hackers and cybercriminals, is the Windows Advanced Local Procedure Call (ALPC) privilege escalation vulnerability. Also known as CVE-2023-21674, the flaw can lead to an escape from the browser sandbox. Microsoft explains that an attacker who successfully exploited this vulnerability could gain SYSTEM access privileges. Another vulnerability in Windows SMB (CVE-2023-21549) has been publicly disclosed but has not yet been exploited.
As usual, Windows Security Updates for January 2023 are already being distributed through the official Windows Update service, update management systems such as WSUS, and as a direct download from the Microsoft Update Catalog. Other companies releasing their security updates in sync with Microsoft patches include Adobe, Cisco, Citrix, Fortinet, Intel, SAP, and Synology.