This month, Microsoft addressed 49 new CVEs, including CVE-2024-20674, in Microsoft Windows and Windows Components; Office and Office Components; Azure; .NET Framework and Visual Studio; SQL Server; Windows Hyper-V; and Internet Explorer. The release incorporates multiple Chromium bugs, bringing the total number of CVEs to 53. Of the new patches, 47 are rated Important and two are rated Critical in severity, coincidentally the same number of CVEs addressed in both the January 2019 and January 2020 releases. None of the CVEs released today are publicly known or under active attack at the time of release. Let’s take a closer look at some of the more interesting updates for this month, starting with a security feature bypass in Kerberos:
Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674)
This is one of this month's two Critical-rated patches, and it carries the highest CVSS score of the release. The bug would allow an unauthenticated attacker to perform a machine-in-the-middle (MitM) attack that spoofs a Kerberos server. An affected client would receive what it believes to be authentic messages from the Kerberos authentication server. While this would certainly take some setting up, Microsoft gives the bug its highest exploitability index rating (1), which means they expect to see public exploit code within 30 days. Make sure to test and deploy this update quickly.
Vulnerability Details
- CVE: CVE-2024-20674
- Title: Windows Kerberos Security Feature Bypass vulnerability.
- Severity: Critical
- CVSS: 9
- Public: No
- Exploited: No
- Type: SFB
More information is available on the vendor's website.
CVE-2024-20674 – Mitigation
Remember to actively update your systems and adhere to security best practices to safeguard your computing assets.
- Update Your Systems: Microsoft has released security updates to address this vulnerability. Make sure to apply the relevant updates.
- Monitor Your Network: Keep logs of network activity and look for signs of MitM attacks or impersonation.
- Layered Security: Implement additional security measures like firewalls and anomaly detection for layered security.
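
One way to act on the "Monitor Your Network" item, as an added example that is not part of the original advisory: flag Kerberos traffic (TCP/UDP port 88) sent to any host that is not a known domain controller, since a client talking Kerberos to an unexpected server is one sign of a spoofed KDC. The CSV flow-log format, the `KNOWN_KDCS` allowlist, and all addresses are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

# Assumption: the site's real domain controllers (KDCs); constructed addresses.
KNOWN_KDCS = {ipaddress.ip_address("10.0.0.10"), ipaddress.ip_address("10.0.0.11")}
KERBEROS_PORT = 88  # Kerberos uses port 88 over both TCP and UDP

# Constructed sample flow log: timestamp,proto,src_ip,dst_ip,dst_port
SAMPLE_FLOWS = """\
2024-01-10T09:00:01Z,udp,10.0.1.25,10.0.0.10,88
2024-01-10T09:00:02Z,tcp,10.0.1.25,10.0.0.11,88
2024-01-10T09:00:05Z,tcp,10.0.1.40,10.0.1.99,88
2024-01-10T09:00:06Z,tcp,10.0.1.40,10.0.0.10,445
2024-01-10T09:00:07Z,udp,10.0.1.41,10.0.1.99,88
2024-01-10T09:00:08Z,udp,10.0.1.41,not-an-ip,88
"""

def find_unexpected_kdc_flows(flow_text, known_kdcs=KNOWN_KDCS):
    """Return (alerts, skipped): port-88 flows to hosts outside known_kdcs,
    and the line numbers of records that could not be parsed."""
    alerts, skipped = [], []
    for lineno, row in enumerate(csv.reader(io.StringIO(flow_text)), start=1):
        if not row:
            continue
        try:
            ts, proto, src, dst, port = (field.strip() for field in row)
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            skipped.append(lineno)  # malformed record: report it, never drop silently
            continue
        if port == KERBEROS_PORT and proto.lower() in ("tcp", "udp") and dst_ip not in known_kdcs:
            alerts.append({"time": ts, "client": str(src_ip), "server": str(dst_ip), "proto": proto})
    return alerts, skipped

def summarize(alerts):
    """Group alerts by unexpected server -> sorted list of affected clients."""
    by_server = {}
    for alert in alerts:
        by_server.setdefault(alert["server"], set()).add(alert["client"])
    return {server: sorted(clients) for server, clients in by_server.items()}

if __name__ == "__main__":
    alerts, skipped = find_unexpected_kdc_flows(SAMPLE_FLOWS)
    for server, clients in summarize(alerts).items():
        print(f"Kerberos traffic to non-KDC host {server} from: {', '.join(clients)}")
    print(f"unparsed lines: {skipped}")
```

A hit is a lead to investigate rather than proof of an attack; a newly promoted domain controller missing from the allowlist produces the same alert.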