{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-001.pdf"
    },
    "title": "Zero-day and Critical Vulnerabilities in Microsoft Windows",
    "serial_number": "2023-001",
    "publish_date": "11-01-2023 16:50:00",
    "description": "On January 10, 2023, on their first Patch Tuesday of 2023, Microsoft fixed an actively exploited zero-day Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability and a total of 98 flaws. Eleven of them were classified as critical by Microsoft as they allow remote code execution, bypass security features, or elevate privileges. It is highly recommended to apply the fixes as soon as possible.",
    "url_title": "2023-001",
    "content_markdown": "---\ntitle: 'Zero-day and Critical Vulnerabilities in Microsoft Windows'\nversion: '1.0'\nnumber: '2023-001'\noriginal_date: 'January 10, 2023'\ndate: 'January 11, 2023'\n---\n\n_History:_\n\n* _11/01/2023 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn January 10, 2023, on their first Patch Tuesday of 2023, **Microsoft** fixed an actively exploited zero-day Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability and a total of 98 flaws [1]. Eleven of them were classified as **critical** by Microsoft as they allow remote code execution, bypass security features, or elevate privileges.\n\nIt is highly recommended to apply the fixes as soon as possible.\n\n# Technical Details\n\nAccording to Microsoft, the zero-day vulnerability `CVE-2023-21674` is a sandbox escape vulnerability that could lead to elevation of privileges.\n_An attacker who successfully exploited this vulnerability could gain SYSTEM privileges._ [1][2]\n\nFunctional exploit code exists for the zero-day vulnerability.\n\nThe number of bugs in each vulnerability category is listed below:\n\n* 39 Elevation of Privilege Vulnerabilities\n* 4 Security Feature Bypass Vulnerabilities\n* 33 Remote Code Execution Vulnerabilities\n* 10 Information Disclosure Vulnerabilities\n* 10 Denial of Service Vulnerabilities\n* 2 Spoofing Vulnerabilities\n\n# Affected Products\n\nMultiple versions of Microsoft Windows [2].\nPlease refer to the links provided for each vulnerability in order to identify the exact versions of each affected system and the patch that should be applied.\n\n# Recommendations\n\nCERT-EU highly recommends installing the updates provided by Microsoft.\n\n# References\n\n[1] <https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2023-patch-tuesday-fixes-98-flaws-1-zero-day/>\n\n[2] <https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674>\n\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>11/01/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On January 10, 2023, on their first Patch Tuesday of 2023, <strong>Microsoft</strong> fixed an actively exploited zero-day Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability and a total of 98 flaws [1]. Eleven of them were classified as <strong>critical</strong> by Microsoft as they allow remote code execution, bypass security features, or elevate privileges.</p><p>It is highly recommended to apply the fixes as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>According to Microsoft, the zero-day vulnerability <code>CVE-2023-21674</code> is a sandbox escape vulnerability that could lead to elevation of privileges. <em>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</em> [1][2]</p><p>Functional exploit code exists for the zero-day vulnerability.</p><p>The number of bugs in each vulnerability category is listed below:</p><ul><li>39 Elevation of Privilege Vulnerabilities</li><li>4 Security Feature Bypass Vulnerabilities</li><li>33 Remote Code Execution Vulnerabilities</li><li>10 Information Disclosure Vulnerabilities</li><li>10 Denial of Service Vulnerabilities</li><li>2 Spoofing Vulnerabilities</li></ul><h2 id=\"affected-products\">Affected Products</h2><p>Multiple versions of Microsoft Windows [2]. Please refer to the links provided for each vulnerability in order to identify the exact versions of each affected system and the patch that should be applied.</p><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU highly recommends installing the updates provided by Microsoft.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2023-patch-tuesday-fixes-98-flaws-1-zero-day/\">https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2023-patch-tuesday-fixes-98-flaws-1-zero-day/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674\">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}