Security News > 2023 > January > Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
![Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches](/static/build/img/news/microsoft-patch-tuesday-one-0-day-win-7-and-8-1-get-last-ever-patches-medium.jpg)
Glaringly obvious at the very top of the list are the names in the Product column of the first nine entries, dealing with an elevation-of-privilege patch denoted CVE-2013-21773 for Windows 7, Windows 8.1, and Windows RT 8.1.
Windows 8.1, which is remembered more as a sort-of "Bug-fix" release for the unlamented and long-dropped Windows 8 than as a real Windows version in its own right, never really caught on.
You'll sometimes read that the comparative unpopularity of Windows 8 is why the next major release after 8.1 was numbered Windows 10, thus deliberately creating a sense of separation between the old version and the new one.
Shed your tears now, because this month sees the very last security updates for the old-school Windows 7 and Windows 8.1 versions.
Intriguingly, the CVE-2023-21674 bug, which is actively in use by attackers, isn't on the Windows 7 patch list, but it does apply to Windows 8.1.
The second bug, CVE-2023-21549, described as publicly known, applies to both Windows 7 and Windows 8.1.
News URL
Related news
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
- June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft (source)
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (source)
- May 2024 Patch Tuesday forecast: A reminder of recent threats and impact (source)
- Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast (source)
- Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-10 | CVE-2023-21674 | Use After Free vulnerability in Microsoft products Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 8.8 |
2023-01-10 | CVE-2023-21549 | Improper Privilege Management vulnerability in Microsoft products Windows SMB Witness Service Elevation of Privilege Vulnerability | 8.8 |