• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

Critical Sudo bugs expose major Linux distros to local Root exploits

 | 

Google fined $314M for misusing idle Android users' data

 | 

A flaw in Catwatchful spyware exposed logins of +62,000 users

 | 

China-linked group Houken hit French organizations using zero-days

 | 

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

 | 

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

 | 

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

 | 

Cisco removed the backdoor account from its Unified Communications Manager

 | 

U.S. Sanctions Russia's Aeza Group for aiding crooks with bulletproof hosting

 | 

Qantas confirms customer data breach amid Scattered Spider attacks

 | 

CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025

 | 

U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Hacking
  • Security
  • Microsoft Patch Tuesday for January 2023 fixed actively exploited zero-day

Microsoft Patch Tuesday for January 2023 fixed actively exploited zero-day

Pierluigi Paganini January 11, 2023

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day.

Microsoft Patch Tuesday security updates for January 2023 addressed a total of 98 vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components; .NET Core and Visual Studio Code, 3D Builder, Azure Service Fabric Container, Windows BitLocker, Windows Defender, Windows Print Spooler Components, and Microsoft Exchange Server.

11 vulnerabilities are rated Critical and 87 are rated Important in severity. 25 of these flaws were submitted through the Zero Day Initiative program.

Microsoft Patch Tuesday Exchange server

One of the flaws addressed this month, tracked as CVE-2023-21674 (CVSS score 8.8), is listed as being in the wild at the time of release. The flaw is a Windows Advanced Local Procedure Call (ALPC) elevation of privilege vulnerability that could lead to a browser sandbox escape. An attacker can exploit this vulnerability to gain SYSTEM privileges.

“This is the one bug listed as under active attack for this month. It allows a local attacker to escalate privileges from sandboxed execution inside Chromium to kernel-level execution and full SYSTEM privileges.” reads the advisory published by ZDI.

Microsoft is aware of active exploitation of the flaw in the wild, but did not share details about the attacks.

The vulnerability was reported by malware researchers Jan Vojtěšek, Milánek, and Przemek Gmerek from Avast.

Another issue fixed by Microsoft is the CVE-2023-21549 (CVSS Score 8.8) flaw, which is listed as publicly known at the time of release. The issue is a Windows Workstation Service Elevation of Privilege vulnerability.

“To exploit this vulnerability, an attacker could execute a specially crafted malicious script which executes an RPC call to an RPC host. This could result in elevation of privilege on the server.” reads the advisory published by Microsoft. “An attacker who successfully exploited this vulnerability could execute RPC functions that are restricted to privileged accounts only.”

Here’s the full list of flaws addressed by Microsoft Patch Tuesday security updates for January 2023:

CVETitleSeverityCVSSPublicExploited
CVE-2023-21674Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege VulnerabilityImportant8.8NoYes
CVE-2023-21549Windows Workstation Service Elevation of Privilege VulnerabilityImportant8.8YesNo
CVE-2023-21561Microsoft Cryptographic Services Elevation of Privilege VulnerabilityCritical8.8NoNo
CVE-2023-21551Microsoft Cryptographic Services Elevation of Privilege VulnerabilityCritical7.8NoNo
CVE-2023-21743Microsoft SharePoint Server Security Feature Bypass VulnerabilityCritical8.2NoNo
CVE-2023-21730Windows Cryptographic Services Remote Code Execution VulnerabilityCritical7.8NoNo
CVE-2023-21543Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21546Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21555Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21556Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21679Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21535Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21548Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityCritical8.1NoNo
CVE-2023-21538.NET Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-217803D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217813D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217823D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217843D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217863D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217913D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217933D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217833D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217853D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217873D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217883D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217893D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217903D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-217923D Builder Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-21531Azure Service Fabric Container Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21563BitLocker Security Feature Bypass VulnerabilityImportant6.8NoNo
CVE-2023-21536Event Tracing for Windows Information Disclosure VulnerabilityImportant4.7NoNo
CVE-2023-21753Event Tracing for Windows Information Disclosure VulnerabilityImportant5.5NoNo
CVE-2023-21547Internet Key Exchange (IKE) Protocol Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21724Microsoft DWM Core Library Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21764Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21763Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21761Microsoft Exchange Server Information Disclosure VulnerabilityImportant7.5NoNo
CVE-2023-21762Microsoft Exchange Server Spoofing VulnerabilityImportant8NoNo
CVE-2023-21745Microsoft Exchange Server Spoofing VulnerabilityImportant8NoNo
CVE-2023-21537Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21732Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant8.8NoNo
CVE-2023-21734Microsoft Office Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-21735Microsoft Office Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-21741Microsoft Office Visio Information Disclosure VulnerabilityImportant7.1NoNo
CVE-2023-21736Microsoft Office Visio Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-21737Microsoft Office Visio Remote Code Execution VulnerabilityImportant7.8NoNo
CVE-2023-21738Microsoft Office Visio Remote Code Execution VulnerabilityImportant7.1NoNo
CVE-2023-21744Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant8.8NoNo
CVE-2023-21742Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant8.8NoNo
CVE-2023-21681Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant8.8NoNo
CVE-2023-21725Microsoft Windows Defender Elevation of Privilege VulnerabilityImportant6.3NoNo
CVE-2023-21779Visual Studio Code Remote Code Execution VulnerabilityImportant7.3NoNo
CVE-2023-21768Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21539Windows Authentication Remote Code Execution VulnerabilityImportant7.5NoNo
CVE-2023-21752Windows Backup Service Elevation of Privilege VulnerabilityImportant7.1NoNo
CVE-2023-21733Windows Bind Filter Driver Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21739Windows Bluetooth Driver Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21560Windows Boot Manager Security Feature Bypass VulnerabilityImportant6.6NoNo
CVE-2023-21726Windows Credential Manager User Interface Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21540Windows Cryptographic Information Disclosure VulnerabilityImportant5.5NoNo
CVE-2023-21550Windows Cryptographic Information Disclosure VulnerabilityImportant5.5NoNo
CVE-2023-21559Windows Cryptographic Services Information Disclosure VulnerabilityImportant6.2NoNo
CVE-2023-21525Windows Encrypting File System (EFS) Denial of Service VulnerabilityImportant5.9NoNo
CVE-2023-21558Windows Error Reporting Service Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21552Windows GDI Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21532Windows GDI Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21542Windows Installer Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21683Windows Internet Key Exchange (IKE) Extension Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21677Windows Internet Key Exchange (IKE) Extension Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21758Windows Internet Key Exchange (IKE) Extension Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21527Windows iSCSI Service Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21755Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21754Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21747Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21748Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21749Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21772Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21773Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21774Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21675Windows Kernel Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21750Windows Kernel Elevation of Privilege VulnerabilityImportant7.1NoNo
CVE-2023-21776Windows Kernel Information Disclosure VulnerabilityImportant5.5NoNo
CVE-2023-21757Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21557Windows Lightweight Directory Access Protocol (LDAP) Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21676Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution VulnerabilityImportant8.8NoNo
CVE-2023-21524Windows Local Security Authority (LSA) Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21771Windows Local Session Manager (LSM) Elevation of Privilege VulnerabilityImportant7NoNo
CVE-2023-21728Windows Netlogon Denial of Service VulnerabilityImportant7.5NoNo
CVE-2023-21746Windows NTLM Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21767Windows Overlay Filter Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21766Windows Overlay Filter Information Disclosure VulnerabilityImportant4.7NoNo
CVE-2023-21682Windows Point-to-Point Protocol (PPP) Information Disclosure VulnerabilityImportant5.3NoNo
CVE-2023-21760Windows Print Spooler Elevation of Privilege VulnerabilityImportant7.1NoNo
CVE-2023-21765Windows Print Spooler Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21678Windows Print Spooler Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21759Windows Smart Card Resource Management Server Security Feature Bypass VulnerabilityImportant3.3NoNo
CVE-2023-21541Windows Task Scheduler Elevation of Privilege VulnerabilityImportant7.8NoNo
CVE-2023-21680Windows Win32k Elevation of Privilege VulnerabilityImportant7.8NoNo
Lookin

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

Hacking hacking news information security news IT Information Security Microsoft Patch Tuesday for January 2023 Patch Tuesday Pierluigi Paganini Security Affairs Security News zero-Day

you might also like

Pierluigi Paganini July 08, 2025
IT Worker arrested for selling access in $100M PIX cyber heist
Read more
Pierluigi Paganini July 07, 2025
Taiwan flags security risks in popular Chinese apps after official probe
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    IT Worker arrested for selling access in $100M PIX cyber heist

    Cyber Crime / July 08, 2025

    New Batavia spyware targets Russian industrial enterprises

    Uncategorized / July 07, 2025

    Taiwan flags security risks in popular Chinese apps after official probe

    Security / July 07, 2025

    U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

    Hacking / July 07, 2025

    Hunters International ransomware gang shuts down and offers free decryption keys to all victims

    Cyber Crime / July 06, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT