Skip to main content

Microsoft Monthly Security Update (January 2023)

Release Date: 11 Jan 2023 6316 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
WindowsHigh Risk High RiskElevation of Privilege
Remote Code Execution
Denial of Service
Information Disclosure
Security Restriction Bypass
CVE-2023-21674 is being exploited in the wild. Note: The local attacker could lead to a browser sandbox escape and allow to gain SYSTEM privileges on a wide variety of Windows and Windows Server installations. The risk level is rated as High Risk.
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Remote Code Execution
Denial of Service
Security Restriction Bypass
Information Disclosure
 
Developer ToolsMedium Risk Medium RiskDenial of Service
Remote Code Execution
 
System CenterMedium Risk Medium RiskElevation of Privilege 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution
Information Disclosure
Security Restriction Bypass
 
Exchange ServerMedium Risk Medium RiskInformation Disclosure
Spoofing
Elevation of Privilege
 
AppsMedium Risk Medium RiskRemote Code Execution 
AzureMedium Risk Medium RiskElevation of Privilege 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 7

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': High Risk


Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Spoofing
  • Security Restriction Bypass

System / Technologies affected

  • Windows
  • Extended Security Updates (ESU)
  • Developer Tools
  • System Center
  • Microsoft Office
  • Exchange Server
  • Apps
  • Azure

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier


Source


Related Link