January Patching Update: Secure Start to the Year

Happy New Year from all of us at OneNeck! As we enter 2024, we’re back with our monthly patching blog, committed to guiding you through the latest updates and patches. A fresh year brings new opportunities to enhance cybersecurity measures, ensuring that your IT infrastructure remains robust against emerging threats. Starting the year on a secure footing is vital, and our first patching update of the year is designed to help you maintain a resilient and robust defense against cyber threats.

Microsoft’s January Security Overview

In the first month of 2024, Microsoft has addressed a range of vulnerabilities:

• 10 Elevation of Privilege Vulnerabilities
• 7 Security Feature Bypass Vulnerabilities
• 12 Remote Code Execution Vulnerabilities
• 11 Information Disclosure Vulnerabilities
• 6 Denial of Service Vulnerabilities
• 3 Spoofing Vulnerabilities

Notably, this month has no zero-day vulnerabilities in need of patching, which is a decidedly positive start to the year!

Patching Highlights for this Month

The following are among the most critical patches and should be prioritized:

• CVE-2024-20674: A security feature bypass vulnerability in Windows Kerberos.
• CVE-2024-20700: A remote code execution vulnerability in Windows Hyper-V.
• CVE-2024-20683 & CVE-2024-20686: Elevation of privilege vulnerabilities in Win32k.
• CVE-2024-20677: A remote code execution vulnerability in Microsoft Office.
• CVE-2024-21318: A remote code execution vulnerability in Microsoft SharePoint Server.

Additionally, global issues with the BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) updates have been reported, affecting various Windows OS versions. Microsoft has released a guide on automating the update to WinRE images for Windows 10 and Windows 11 to address this security issue, which can be found here.

January’s Linux Patching Updates

Our Linux Team has carefully examined the patches for this month, ensuring crucial vulnerabilities are brought to your attention. Here’s the breakdown:

• CVE-2023-39193: Addresses a critical security concern within Oracle Linux 7’s Unbreakable Enterprise Kernel (UEK) version 4.1.12, enhancing system defenses against malicious attacks.
• CVE-2023-4623: Fortifies Oracle Linux 7’s UEK version 4.14, patching vulnerabilities that potentially compromise system integrity.
• CVE-2023-5178: Updates Oracle Linux 7’s UEK version 5.4.17, targeting security gaps to bolster the kernel’s protective measures.
• CVE-2023-44446: Enhances GStreamer 1’s security, patching vulnerabilities to maintain the integrity and stability of multimedia content processing.
• CVE-2023-5869: Focuses on securing PostgreSQL, a powerful open-source database system, against exploits that could affect data confidentiality and integrity.
• CVE-2023-5557: Updates Tracker Miners, essential tools for indexing and searching data, to close security potentially exploitable loopholes.
• CVE-2023-42917: Provides vital security improvements to WebKit2GTK, the engine behind numerous GNOME applications, ensuring safer web content rendering.
• CVE-2023-45871: Bolsters the security framework of the RHEL 9 Kernel, critical for the operational safety and reliability of Red Hat Enterprise Linux systems.

While classified as moderate, the following updates are essential for maintaining the integrity and security of various system components and services.

• CVE-2022-44638: Fortifies the Pixman library, by patching vulnerabilities that compromise graphic content security.
• CVE-2023-39615: Provides crucial updates to LibXML and closes gaps that can execute arbitrary code or access sensitive information.
• CVE-2022-24963: Focusing on the Apache Portable Runtime (APR) library, and closes security holes affecting a broad range of software, from web servers to database systems.
• CVE-2023-38473: Enhances the security of Avahi, by addressing vulnerabilities that disrupt service discovery or compromise network communications.

Furthermore, updates are rolling out for widely used utilities like Curl and OpenSSL, targeting vulnerabilities to prevent unauthorized access and data breaches.

Microsoft Office & SharePoint Updates

While our scheduled patching activities are comprehensive, they are designed to complement your internal update processes for a wide range of products, including Microsoft Office and SharePoint. We encourage our clients to regularly review and apply updates across all software to ensure the highest level of security. For assistance on integrating these updates seamlessly into your security strategy or to find out how OneNeck can support your efforts, please reach out to our Service Desk.

TLS 1.0 and TLS 1.1 Disabling Updates

Updates to disable TLS 1.0 and TLS 1.1 are forthcoming. There have yet to be announcements of a specific date, but customers are encouraged to ensure their environment is ready for these changes. For more information, please refer to the Tech Community Blog.

New Year, Same Focus on Security

As always, OneNeck is here to assist with your cybersecurity needs. Stay tuned for the next patching blog, and remember to keep your systems secure and up to date.

Stay secure and stay patched!

Each month, OneNeck engineers review newly released updates from vendors, like Microsoft, to understand any known issues, actions required and understand the priority of each. This is done immediately following Patch Tuesday releases, and we monitor for adjustments to patches throughout each month.

The information above is gathered monthly during this review and posted for awareness to our customers. This information is generally updated only once per month and is based on our engineers’ review of the information provided by the vendor at that time. As always, for the most up-to-date patching information, please see the vendor’s website or contact us.

Note: If OneNeck actively manages a device or software that is impacted by any of these vulnerabilities, when necessary, OneNeck will be in direct contact with you regarding remediation.

Additional Resources: