Microsoft Windows Security Updates January 2023 overview

mkoundo

mkoundo

Level 8
Thread author
Verified
Well-known
Jul 21, 2017
358
Content source
https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2023-patch-tuesday-fixes-98-flaws-1-zero-day/

Microsoft January 2023 Patch Tuesday fixes 98 flaws, 1 zero-day​

Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws.

This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.'

Microsoft gave the vulnerabilities this severity rating as they allow remote code execution, bypass security features, or elevate privileges.

The number of bugs in each vulnerability category is listed below:

  • 39 Elevation of Privilege Vulnerabilities
  • 4 Security Feature Bypass Vulnerabilities
  • 33 Remote Code Execution Vulnerabilities
  • 10 Information Disclosure Vulnerabilities
  • 10 Denial of Service Vulnerabilities
  • 2 Spoofing Vulnerabilities
Click to expand...
www.bleepingcomputer.com

Microsoft January 2023 Patch Tuesday fixes 98 flaws, 1 zero-day

Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: BryanB, silversurfer, Gandalf_The_Grey and 10 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 74
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,334
The Januari 2023 Security Update Review
Welcome to the first patch Tuesday of the new year. As expected, Adobe and Microsoft have released their latest fixes and updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.

Adobe Patches for January 2023

For January, Adobe released four patches addressing 29 CVEs in Adobe Acrobat and Reader, InDesign, InCopy, and Adobe Dimension. A total of 22 of these bugs were submitted through the ZDI program. The update for Reader fixes 15 bugs with eight of these being ranked Critical in severity. The most severe of these would allow arbitrary code execution if an affected system opened a specially crafted file. The patch for InDesign fixes six bug, four of which are rated Critical. Similar to the Reader patch, opening a malicious file could result in code execution. That’s also true for InCopy, which also received fixes for six CVEs. The update for Dimension only addresses two CVEs, but the fix also includes an update for dependencies in SketchUp. The old version has February 22 timestamp, while the version shipped today is stamped November 9.

None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release. Adobe categorizes these updates as a deployment priority rating of 3.

Microsoft Patches for January 2023

This month, Microsoft released 98 new patches addressing CVEs in Microsoft Windows and Windows Components; Office and Office Components; .NET Core and Visual Studio Code, 3D Builder, Azure Service Fabric Container, Windows BitLocker, Windows Defender, Windows Print Spooler Components, and Microsoft Exchange Server. A total of 25 of these CVEs were submitted through the ZDI program.

Of the 98 new patches released today, 11 are rated Critical and 87 are rated Important in severity. This volume is the largest we’ve seen from Microsoft for a January release in quite some time. It will be interesting to see if this volume of fixes continues throughout the year.

One of the new CVEs released this month is listed as publicly known and one is listed as being in the wild at the time of release.
Click to expand...
www.zerodayinitiative.com

Zero Day Initiative — The January 2023 Security Update Review

Welcome to the first patch Tuesday of the new year. As expected, Adobe and Microsoft have released their latest fixes and updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for January 2023 For Jan
www.zerodayinitiative.com www.zerodayinitiative.com
 
  • Like
  • +Reputation
Reactions: BryanB, silversurfer, harlan4096 and 2 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 74
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,334
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs
Replies
2
Views
769
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
Replies
6
Views
1,584
News Archive
simmerskool
simmerskool
Gandalf_The_Grey
    • Like
    • +Reputation
Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws
Replies
1
Views
496
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top