Patch Tuesday is once again upon us. The January 2023 edition of Patch Tuesday brings us 101 fixes, with 11 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the January 2023 Patch Tuesday Audit Report
Microsoft SharePoint Server Security Feature Bypass Vulnerability
The most severe issue addressed this month is a Sharepoint vulnerability, CVE-2023-21743. While the CVSS base score is quite low at 5.3. Microsoft has listed it as one of the critical vulnerabilities and has listed that exploitation is more likely.
Once the latest updated have been applied Microsoft mentions that additional steps are still required to fully secure your Sharepoint:
Customers must also trigger a SharePoint upgrade action included in this update to protect their SharePoint farm. The upgrade action can be triggered by running the SharePoint Products Configuration Wizard, the Upgrade-SPFarm PowerShell cmdlet, or the «psconfig.exe -cmd upgrade -inplace b2b» command on each SharePoint server after installing the update.
Additionally, CVE-2023-21742 and CVE-2023-21744 were also Sharepoint vulnerabilities that got fixed.
Windows Layer 2 Tunneling Protocol RCE
A majority of the remaining critical vulnerabilities are issues in the Windows Layer 2 Tunneling Protocol (L2TP). All of them having a CVSS base score of 8.1.
To exploit this, an unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.
Microsoft Cryptographic Services Vulnerabilities
Multiple vulnerabilities have been fixed in the Microsoft Cryptographic Services. The vulnerabilities include elevation of privilege and information disclosure vulnerabilities with CVSS base score ranging between 5.5 and 8.8.
For the elevation of privilege vulnerabilities, successful exploitation can lead to the attacker gaining SYSTEM privileges. For the information disclosure vulnerabilities, Microsoft lists that the information disclosed would be Windows cryptographic secrets.
Microsoft Exchange Vulnerabilities
Microsoft Exchange got 5 fixes this month. CVE-2023-21745, CVE-2023-21761, CVE-2023-21762, CVE-2023-21763, and CVE-2023-21764. A bit of a mixed bag with two spoofing vulnerabilities, one information disclosure and two elevation of privilege vulnerabilities.
Run the Patch Tuesday January 2023 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday January 2023 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2022-41099 | BitLocker Security Feature Bypass Vulnerability |
CVE-2022-41113 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
CVE-2022-47211 | Microsoft Office Graphics Remote Code Execution Vulnerability |
CVE-2023-21524 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
CVE-2023-21525 | Remote Procedure Call Runtime Denial of Service Vulnerability |
CVE-2023-21527 | Windows iSCSI Service Denial of Service Vulnerability |
CVE-2023-21531 | Azure Service Fabric Container Elevation of Privilege Vulnerability |
CVE-2023-21532 | Windows GDI Elevation of Privilege Vulnerability |
CVE-2023-21535 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2023-21536 | Event Tracing for Windows Information Disclosure Vulnerability |
CVE-2023-21537 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
CVE-2023-21538 | .NET Denial of Service Vulnerability |
CVE-2023-21539 | Windows Authentication Remote Code Execution Vulnerability |
CVE-2023-21540 | Windows Cryptographic Information Disclosure Vulnerability |
CVE-2023-21541 | Windows Task Scheduler Elevation of Privilege Vulnerability |
CVE-2023-21542 | Windows Installer Elevation of Privilege Vulnerability |
CVE-2023-21543 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
CVE-2023-21546 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
CVE-2023-21547 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
CVE-2023-21548 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2023-21549 | Windows SMB Witness Service Elevation of Privilege Vulnerability |
CVE-2023-21550 | Windows Cryptographic Information Disclosure Vulnerability |
CVE-2023-21551 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
CVE-2023-21552 | Windows GDI Elevation of Privilege Vulnerability |
CVE-2023-21555 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
CVE-2023-21556 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
CVE-2023-21557 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
CVE-2023-21558 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
CVE-2023-21559 | Windows Cryptographic Information Disclosure Vulnerability |
CVE-2023-21560 | Windows Boot Manager Security Feature Bypass Vulnerability |
CVE-2023-21561 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
CVE-2023-21563 | BitLocker Security Feature Bypass Vulnerability |
CVE-2023-21674 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
CVE-2023-21675 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21676 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2023-21677 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
CVE-2023-21678 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2023-21679 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
CVE-2023-21680 | Windows Win32k Elevation of Privilege Vulnerability |
CVE-2023-21681 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
CVE-2023-21682 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability |
CVE-2023-21683 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
CVE-2023-21724 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
CVE-2023-21725 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability |
CVE-2023-21726 | Windows Credential Manager User Interface Elevation of Privilege Vulnerability |
CVE-2023-21728 | Windows Netlogon Denial of Service Vulnerability |
CVE-2023-21730 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
CVE-2023-21732 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2023-21733 | Windows Bind Filter Driver Elevation of Privilege Vulnerability |
CVE-2023-21734 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2023-21735 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2023-21736 | Microsoft Office Visio Remote Code Execution Vulnerability |
CVE-2023-21737 | Microsoft Office Visio Remote Code Execution Vulnerability |
CVE-2023-21738 | Microsoft Office Visio Remote Code Execution Vulnerability |
CVE-2023-21739 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
CVE-2023-21741 | Microsoft Office Visio Information Disclosure Vulnerability |
CVE-2023-21742 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2023-21743 | Microsoft SharePoint Server Security Feature Bypass Vulnerability |
CVE-2023-21744 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2023-21745 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2023-21746 | Windows NTLM Elevation of Privilege Vulnerability |
CVE-2023-21747 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21748 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21749 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21750 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21752 | Windows Backup Service Elevation of Privilege Vulnerability |
CVE-2023-21753 | Event Tracing for Windows Information Disclosure Vulnerability |
CVE-2023-21754 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21755 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21757 | Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability |
CVE-2023-21758 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
CVE-2023-21759 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability |
CVE-2023-21760 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2023-21761 | Microsoft Exchange Server Information Disclosure Vulnerability |
CVE-2023-21762 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2023-21763 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2023-21764 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2023-21765 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2023-21766 | Windows Overlay Filter Information Disclosure Vulnerability |
CVE-2023-21767 | Windows Overlay Filter Elevation of Privilege Vulnerability |
CVE-2023-21768 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
CVE-2023-21771 | Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability |
CVE-2023-21772 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21773 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21774 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-21776 | Windows Kernel Information Disclosure Vulnerability |
CVE-2023-21779 | Visual Studio Code Remote Code Execution |
CVE-2023-21780 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21781 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21782 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21783 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21784 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21785 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21786 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21787 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21788 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21789 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21790 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21791 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21792 | 3D Builder Remote Code Execution Vulnerability |
CVE-2023-21793 | 3D Builder Remote Code Execution Vulnerability |