Security News > 2024 > January > Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)
For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700.
CVE-2024-20674 is a security feature bypass vulnerability that may allow attackers to impersonate Windows' Kerberos server.
"An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server," Microsoft explains.
Though an attacker must first gain access to the restricted network before running an attack, Microsoft thinks that the likelihood of attackers exploiting this flaw is considerable and the complexity of attack is low, and has therefore urged admins to prioritize testing and deploying this patch.
Finally, Microsoft has fixed CVE-2024-20677, a vulnerability in Microsoft Office that could lead to remote code execution via FBX files.
"An attacker who successfully exploits this vulnerability could perform a remote attack that could enable access to the victim's information and the ability to alter information. Successful exploitation could also potentially cause downtime for the targeted environment," says Microsoft.
News URL
https://www.helpnetsecurity.com/2024/01/09/cve-2024-20674-cve-2024-20700/
Related news
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- Microsoft: April 2025 updates break Windows Hello on some PCs (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft starts final Windows Recall testing before rollout (source)
- Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2024-20700 | Race Condition vulnerability in Microsoft products Windows Hyper-V Remote Code Execution Vulnerability | 0.0 |
| 2024-01-09 | CVE-2024-20677 | Unspecified vulnerability in Microsoft products A security vulnerability exists in FBX that could lead to remote code execution. | 0.0 |
| 2024-01-09 | CVE-2024-20674 | Authentication Bypass by Spoofing vulnerability in Microsoft products Windows Kerberos Security Feature Bypass Vulnerability | 0.0 |