🛡️ Tech Update Alert! 🚨 Microsoft rolls out Patch Tuesday updates for January 2024, addressing 48 security flaws! 🔒 Two critical and 46 important issues fixed. No zero-days reported for the second consecutive month. 🌐✨
🆘 Critical Flaws:
CVE-2024-20674: Windows Kerberos Security Feature Bypass
CVE-2024-20700: Windows Hyper-V Remote Code Execution
🌐 The Hyper-V flaw allows remote code execution without authentication or user interaction, but the attacker needs to win a race condition, says Adam Barnett, lead software engineer at Rapid7.
🚫 Microsoft disables FBX file insertion in Word, Excel, PowerPoint, and Outlook due to CVE-2024-20677, preventing potential remote code execution.
🔄 Microsoft recommends using GLB (Binary GL Transmission Format) as a substitute 3D file format in Office, similar to the step taken after the discovery of security flaws in SketchUp files.
🔒 Other Vendors in Action! 🚀
Adobe, AMD, Android, Arm, ASUS, Bosch, Cisco, Dell, F5, Fortinet, Google Chrome, Google Cloud, HP, IBM, Intel, Lenovo, Linux distros (Debian, Oracle, Red Hat, SUSE, Ubuntu), MediaTek, NETGEAR, Qualcomm, Samsung, SAP, Schneider Electric, Siemens, Splunk, Synology, Trend Micro, Zimbra, Zoom, and more have released security updates.
Stay secure, update your software! 💻🔐 #TechSecurity #PatchTuesday #CyberSafety #MicrosoftUpdates