Key Takeaways:
- Microsoft released Patch Tuesday updates for Windows 11 and Windows 10, addressing 49 security vulnerabilities in various products, including Windows, Microsoft Office, Azure, and SQL Server.
- Microsoft also addressed issues such as unexpected shutdowns on Windows 11 and Windows 10 PCs.
- Microsoft announced the end of mainstream support for Exchange Server 2019, but extended support will continue until October 14, 2025.
Microsoft has released yesterday the January 2024 Patch Tuesday updates for Windows 11 and Windows 10 devices. This month’s Patch Tuesday includes fixes for 49 security vulnerabilities in Windows, Microsoft Office, Azure, SQL Server, and more.
Microsoft also announced the end of mainstream support for Exchange Server 2019 on January 9. However, it will continue to receive extended support until October 14, 2025.
“Per the Exchange Server 2019 lifecycle, Exchange Server 2019 is now in Extended support. But, as we said last November, a lot more is coming for Exchange Server 2019. There are still two more CUs for Exchange Server 2019: CU14 and CU15. CU14 is in its final stages of testing and validation and will be released as soon as that’s finished. CU15 will be released later this year,” the Exchange team explained.
2 critical vulnerabilities fixed with the January 2024 Patch Tuesday updates
Among the 49 security flaws, two are rated “Critical” and there are also 47 vulnerabilities that are rated “Important” in severity. However, Microsoft confirmed that these flaws are not currently being exploited by attackers.
Let’s take a look at some of the most important security flaws Microsoft fixed this month:
- CVE-2024-20674: This Windows Kerberos security feature bypass vulnerability could allow hackers to perform a machine-in-the-middle (MitM) that spoofs a Kerberos server. However, the attacker would first need to gain access to the corporate network. The security flaw impacts both desktop and server systems.
- CVE-2024-20700: It’s a critical remote code execution (RCE) vulnerability in Windows Hyper-V hypervisor. The threat actor would need access to the network to exploit the security flaw and win a race condition. However, the attacker doesn’t need authentication or user interaction for successful exploitation.
- CVE-2024-0056: This Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass vulnerability could allow an MITM attacker to execute a man-in-the-middle attack to view or tamper with Transport Layer Security (TLS) traffic between server and clients. Microsoft said that IT admins would need to follow the steps detailed on this support page to protect Windows devices.
- CVE-2024-20677: This security vulnerability could allow hackers to execute remote code through an Office document with an FBX file. The update blocks access to the FBX feature in Office 2021, Office 2019, Office LTSC for Mac 2021, and Microsoft 365 Apps for Enterprise.
- CVE-2024-21318: This is an 8.8-out-of-10 rated security vulnerability in Microsoft SharePoint Server. It could let an unauthenticated attacker run malicious code on the SharePoint Server.
| Product | Impact | Max Severity | Article | Download | Details |
| Microsoft .NET Framework 2.0 Service Pack 2 | Security Feature Bypass | Important | 5034280 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 2.0 Service Pack 2 | Security Feature Bypass | Important | 5034270 | Security Only | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8.1 | Security Feature Bypass | Important | 5033920 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8.1 | Security Feature Bypass | Important | 5034272 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8.1 | Security Feature Bypass | Important | 5034275 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8.1 | Security Feature Bypass | Important | 5034274 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8.1 | Security Feature Bypass | Important | 5034276 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 | Security Feature Bypass | Important | 5034279 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 | Security Feature Bypass | Important | 5034278 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 | Security Feature Bypass | Important | 5034269 | Security Only | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.7.2 | Security Feature Bypass | Important | 5034119 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.7.2 | Security Feature Bypass | Important | 5034273 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8 | Security Feature Bypass | Important | 5034275 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8 | Security Feature Bypass | Important | 5034274 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8 | Security Feature Bypass | Important | 5034276 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8 | Security Feature Bypass | Important | 5034272 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 AND 4.8 | Security Feature Bypass | Important | 5034273 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 4.8 | Security Feature Bypass | Important | 5034279 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 4.8 | Security Feature Bypass | Important | 5034278 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 4.8 | Security Feature Bypass | Important | 5034277 | Monthly Rollup | CVE-2024-0056 |
| Microsoft .NET Framework 4.8 | Security Feature Bypass | Important | 5034269 | Security Only | CVE-2024-0056 |
| Microsoft .NET Framework 4.8 | Security Feature Bypass | Important | 5033910 | Security Update | CVE-2024-0056 |
| Microsoft .NET Framework 3.5 | Denial of Service | Important | 5034279 | Monthly Rollup | CVE-2024-21312 |
| Microsoft .NET Framework 3.5 | Denial of Service | Important | 5034278 | Monthly Rollup | CVE-2024-21312 |
| Microsoft .NET Framework 3.0 Service Pack 2 | Security Feature Bypass | Important | 5034280 | Monthly Rollup | CVE-2024-0057 |
| Microsoft .NET Framework 3.0 Service Pack 2 | Security Feature Bypass | Important | 5034270 | Security Only | CVE-2024-0057 |
| Microsoft Identity Model v5.0.0 for Nuget | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| Microsoft Identity Model v7.0.0 | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| Microsoft Identity Model v5.0.0 | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| Microsoft Identity Model v6.0.0 | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| Microsoft Identity Model v7.0.0 for Nuget | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| Microsoft Identity Model v6.0.0 for Nuget | Denial of Service | Important | Release Notes | Security Update | CVE-2024-21319 |
| .NET 8.0 | Denial of Service | Important | 5033741 | Security Update | CVE-2024-21319 |
| .NET 7.0 | Denial of Service | Important | 5033734 | Security Update | CVE-2024-21319 |
| Microsoft Office LTSC 2021 for 32-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft Office LTSC 2021 for 64-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft Office LTSC for Mac 2021 | Remote Code Execution | Important | CVE-2024-20677 | ||
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft Office 2019 for 64-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft Office 2019 for 32-bit editions | Remote Code Execution | Important | Click to Run | Security Update | CVE-2024-20677 |
| Microsoft SQL Server 2022 for x64-based Systems (CU 10) | Security Feature Bypass | Important | 5033592 | Security Update | CVE-2024-0056 |
| Microsoft Visual Studio 2022 version 17.8 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft Visual Studio 2022 version 17.6 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft Visual Studio 2022 version 17.4 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft Visual Studio 2022 version 17.2 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Windows Server 2012 R2 (Server Core installation) | Spoofing | Important | 5034171 | Monthly Rollup | CVE-2024-21320 |
| Windows Server 2012 R2 | Spoofing | Important | 5034171 | Monthly Rollup | CVE-2024-21320 |
| Windows Server 2012 (Server Core installation) | Spoofing | Important | 5034184 | Monthly Rollup | CVE-2024-21320 |
| Windows Server 2012 | Spoofing | Important | 5034184 | Monthly Rollup | CVE-2024-21320 |
| Windows Server 2016 (Server Core installation) | Spoofing | Important | 5034119 | Security Update | CVE-2024-21320 |
| Windows Server 2016 | Spoofing | Important | 5034119 | Security Update | CVE-2024-21320 |
| Windows 10 Version 1607 for x64-based Systems | Spoofing | Important | 5034119 | Security Update | CVE-2024-21320 |
| Windows 10 Version 1607 for 32-bit Systems | Spoofing | Important | 5034119 | Security Update | CVE-2024-21320 |
| Windows 10 for x64-based Systems | Spoofing | Important | 5034134 | Security Update | CVE-2024-21320 |
| Windows 10 for 32-bit Systems | Spoofing | Important | 5034134 | Security Update | CVE-2024-21320 |
| Windows 11 Version 23H2 for x64-based Systems | Spoofing | Important | 5034123 | Security Update | CVE-2024-21320 |
| Windows 11 Version 23H2 for ARM64-based Systems | Spoofing | Important | 5034123 | Security Update | CVE-2024-21320 |
| Windows 10 Version 22H2 for 32-bit Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 10 Version 22H2 for ARM64-based Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 10 Version 22H2 for x64-based Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 11 Version 22H2 for x64-based Systems | Spoofing | Important | 5034123 | Security Update | CVE-2024-21320 |
| Windows 11 Version 22H2 for ARM64-based Systems | Spoofing | Important | 5034123 | Security Update | CVE-2024-21320 |
| Windows 10 Version 21H2 for x64-based Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 10 Version 21H2 for ARM64-based Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 10 Version 21H2 for 32-bit Systems | Spoofing | Important | 5034122 | Security Update | CVE-2024-21320 |
| Windows 11 version 21H2 for ARM64-based Systems | Spoofing | Important | 5034121 | Security Update | CVE-2024-21320 |
| Windows 11 version 21H2 for x64-based Systems | Spoofing | Important | 5034121 | Security Update | CVE-2024-21320 |
| Windows Server 2022 (Server Core installation) | Spoofing | Important | 5034129 | Security Update | CVE-2024-21320 |
| Windows Server 2022 | Spoofing | Important | 5034129 | Security Update | CVE-2024-21320 |
| Windows Server 2019 (Server Core installation) | Spoofing | Important | 5034127 | Security Update | CVE-2024-21320 |
| Windows Server 2019 | Spoofing | Important | 5034127 | Security Update | CVE-2024-21320 |
| Windows 10 Version 1809 for ARM64-based Systems | Spoofing | Important | 5034127 | Security Update | CVE-2024-21320 |
| Windows 10 Version 1809 for x64-based Systems | Spoofing | Important | 5034127 | Security Update | CVE-2024-21320 |
| Windows 10 Version 1809 for 32-bit Systems | Spoofing | Important | 5034127 | Security Update | CVE-2024-21320 |
| Microsoft SharePoint Server Subscription Edition | Remote Code Execution | Important | 5002540 | Security Update | CVE-2024-21318 |
| Microsoft SharePoint Server 2019 | Remote Code Execution | Important | 5002539 | Security Update | CVE-2024-21318 |
| Microsoft SharePoint Enterprise Server 2016 | Remote Code Execution | Important | 5002541 | Security Update | CVE-2024-21318 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Remote Code Execution | Important | 5034169 | Monthly Rollup | CVE-2024-21307 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Remote Code Execution | Important | 5034167 | Security Only | CVE-2024-21307 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Remote Code Execution | Important | 5034169 | Monthly Rollup | CVE-2024-21307 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Remote Code Execution | Important | 5034167 | Security Only | CVE-2024-21307 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | Spoofing | Important | 5034130 | Security Update | CVE-2024-21306 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Information Disclosure | Important | 5034173 | Monthly Rollup | CVE-2024-20692 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Information Disclosure | Important | 5034176 | Security Only | CVE-2024-20692 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Information Disclosure | Important | 5034173 | Monthly Rollup | CVE-2024-20692 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Information Disclosure | Important | 5034176 | Security Only | CVE-2024-20692 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Information Disclosure | Important | 5034173 | Monthly Rollup | CVE-2024-20692 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Information Disclosure | Important | 5034176 | Security Only | CVE-2024-20692 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Information Disclosure | Important | 5034173 | Monthly Rollup | CVE-2024-20692 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Information Disclosure | Important | 5034176 | Security Only | CVE-2024-20692 |
| Microsoft Visual Studio 2015 Update 3 | Elevation of Privilege | Important | 5030979 | Security Update | CVE-2024-20656 |
| Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10) | Elevation of Privilege | Important | Release Notes | Security Update | CVE-2024-20656 |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8) | Elevation of Privilege | Important | Release Notes | Security Update | CVE-2024-20656 |
| Windows Server 2012 R2 (Server Core installation) | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| Windows Server 2012 R2 | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| Windows Server 2012 (Server Core installation) | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| Windows Server 2012 | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Security Feature Bypass | Important | 5034120 | IE Cumulative | CVE-2024-20652 |
| .NET 6.0 | Denial of Service | Important | 5033733 | Security Update | CVE-2024-20672 |
| CBL Mariner 2.0 x64 | sqlite | CBL-Mariner | CVE-2022-35737 | ||
| CBL Mariner 2.0 ARM | sqlite | CBL-Mariner | CVE-2022-35737 | ||
| CBL Mariner 1.0 x64 | sqlite | CBL-Mariner | CVE-2022-35737 | ||
| CBL Mariner 1.0 ARM | sqlite | CBL-Mariner | CVE-2022-35737 | ||
| System.Data.SqlClient | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft.Data.SqlClient 5.1 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft.Data.SqlClient 4.0 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft.Data.SqlClient 3.1 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft.Data.SqlClient 2.1 | Security Feature Bypass | Important | Release Notes | Security Update | CVE-2024-0056 |
| Microsoft Printer Metadata Troubleshooter Tool | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-21325 |
| Azure Storage Mover Agent | Remote Code Execution | Important | Release Notes | Security Update | CVE-2024-20676 |
| Microsoft SQL Server 2022 for x64-based Systems (GDR) | Security Feature Bypass | Important | 5032968 | Security Update | CVE-2024-0056 |
Quality and experience updates
Microsoft addressed an issue that caused Windows 11 version 23H2 and 22H2 devices to shut down after 60 seconds. It affects users who use smart cards for remote authentication on Windows 11 PCs. Additionally, Microsoft fixed a bug that was previously preventing Wi-Fi adapters from connecting to some networks. The company noted that using the 802.1X network protocol for Wi-Fi network authentication increases the likelihood of encountering this issue.
Microsoft released the KB5034122 update to address the same unexpected shutdown issue on Windows 10 devices. Microsoft also continues the rollout of the new Copilot AI assistant to more Windows 10 users in December 2023.
Windows Update testing and best practices
It’s important to note that organizations should be cautious when deploying security patches on Windows machines in production environments. IT administrators should conduct complete testing to avoid potential issues that may arise. However, it’s important to apply the patches as soon as possible to block hackers from exploiting new security vulnerabilities.
Microsoft recommends administrators to ensure that they have properly backed up their systems before applying updates. It should help to prevent issues with buggy Windows updates that often lead to boot failures, hardware compatibility issues, or even data loss.
Windows and Windows Server have built-in backup tools that can be used to restore an entire system or files/folders on a granular basis. The standard practice is to perform a data backup daily, or if not possible, at least once a week.