دیروز سه شنبه، مایکروسافت وصله های سه شنبه ماه ژانویه را منتشر کرد و یک آسیب پذیری Zero-day که مورد بهره برداری قرار گرفته و جمعا 98 آسیب پذیری را رفع نموده است. 11 مورد از آنها در دسته آسیب پذیری های “حیاتی” قرار می گیرند.
تعداد هر آسیب پذیری در دسته بندی های زیر مشخص شده است:
- 39 Elevation of Privilege Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
- 33 Remote Code Execution Vulnerabilities
- 10 Information Disclosure Vulnerabilities
- 10 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
آسیب پذیری Zero-day
در بین وصله های این ماه، وصله ای برای آسیب پذیری Zero-day ای که مورد بهره برداری قرار گرفته و به صورت عمومی افشا شده نیز منتشر شده است.
مشخصات این آسیب پذیری به صورت زیر است:
CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
به گزارش مایکروسافت این یک آسیب پذیری فرار sandbox بوده و امکان بالا بردن مجوزهای دسترسی را به مهاجم می دهد.
مهاجمی که از این آسیب پذیری بهره برداری موفقیت آمیز داشته باشد، می تواند مجوزهای SYSTEM را به دست آورد. چگونگی استفاده آنها از آسیب مذکور در حملات هنوز مشخص نیست.
آسیب پذیری دیگری با شماره شناسایی CVE-2023-21549 گزارش شده و مایکروسافت معتقد است که به صورت عمومی نیز منتشر شده اما محققان امنیتی می گویند با توجه به بررسی های انجام شده، نمی توان این آسیب پذیری را افشا شده تلقی کرد.
آپدیتهای اخیر سایر شرکتها
Adobe released security updates for numerous products.
Cisco released security updates for Cisco IP Phone 7800 and 8800 phones.
Citrix released security updates for Cisco Identity Services.
Fortinet released security updates for various products.
Intel released a security update for oneAPI Toolkits.
SAP has released its January 2023 Patch Day updates.
Synology released a security update for its Synology VPN Plus Server.
لیست کامل به روز رسانی مایکروسافت در جدول زیر ارائه شده است :
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Core | CVE-2023-21538 | .NET Denial of Service Vulnerability | Important |
| 3D Builder | CVE-2023-21782 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21781 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21783 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21784 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21791 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21793 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21786 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21790 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21780 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21792 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21789 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21785 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21787 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-21788 | 3D Builder Remote Code Execution Vulnerability | Important |
| Azure Service Fabric Container | CVE-2023-21531 | Azure Service Fabric Container Elevation of Privilege Vulnerability | Important |
| Microsoft Bluetooth Driver | CVE-2023-21739 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21764 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21763 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21762 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21761 | Microsoft Exchange Server Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21745 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Graphics Component | CVE-2023-21680 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2023-21532 | Windows GDI Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2023-21552 | Windows GDI Elevation of Privilege Vulnerability | Important |
| Microsoft Local Security Authority Server (lsasrv) | CVE-2023-21728 | Windows Netlogon Denial of Service Vulnerability | Important |
| Microsoft Message Queuing | CVE-2023-21537 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2023-21734 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2023-21735 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-21742 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-21743 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2023-21744 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-21741 | Microsoft Office Visio Information Disclosure Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-21736 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-21737 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-21738 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-21681 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2023-21779 | Visual Studio Code Remote Code Execution | Important |
| Windows ALPC | CVE-2023-21674 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2023-21768 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-21539 | Windows Authentication Remote Code Execution Vulnerability | Important |
| Windows Backup Engine | CVE-2023-21752 | Windows Backup Service Elevation of Privilege Vulnerability | Important |
| Windows Bind Filter Driver | CVE-2023-21733 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows BitLocker | CVE-2023-21563 | BitLocker Security Feature Bypass Vulnerability | Important |
| Windows Boot Manager | CVE-2023-21560 | Windows Boot Manager Security Feature Bypass Vulnerability | Important |
| Windows Credential Manager | CVE-2023-21726 | Windows Credential Manager User Interface Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2023-21559 | Windows Cryptographic Information Disclosure Vulnerability | Important |
| Windows Cryptographic Services | CVE-2023-21551 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Critical |
| Windows Cryptographic Services | CVE-2023-21561 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Critical |
| Windows Cryptographic Services | CVE-2023-21540 | Windows Cryptographic Information Disclosure Vulnerability | Important |
| Windows Cryptographic Services | CVE-2023-21730 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Critical |
| Windows Cryptographic Services | CVE-2023-21550 | Windows Cryptographic Information Disclosure Vulnerability | Important |
| Windows DWM Core Library | CVE-2023-21724 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Error Reporting | CVE-2023-21558 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2023-21536 | Event Tracing for Windows Information Disclosure Vulnerability | Important |
| Windows IKE Extension | CVE-2023-21758 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Important |
| Windows IKE Extension | CVE-2023-21683 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Important |
| Windows IKE Extension | CVE-2023-21677 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Important |
| Windows Installer | CVE-2023-21542 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Internet Key Exchange (IKE) Protocol | CVE-2023-21547 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Important |
| Windows iSCSI | CVE-2023-21527 | Windows iSCSI Service Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2023-21755 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-21753 | Event Tracing for Windows Information Disclosure Vulnerability | Important |
| Windows Layer 2 Tunneling Protocol | CVE-2023-21556 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-21555 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-21543 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-21546 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-21679 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2023-21676 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2023-21557 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows Local Security Authority (LSA) | CVE-2023-21524 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2023-21771 | Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | Important |
| Windows Malicious Software Removal Tool | CVE-2023-21725 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | Important |
| Windows Management Instrumentation | CVE-2023-21754 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows NTLM | CVE-2023-21746 | Windows NTLM Elevation of Privilege Vulnerability | Important |
| Windows ODBC Driver | CVE-2023-21732 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows Overlay Filter | CVE-2023-21766 | Windows Overlay Filter Information Disclosure Vulnerability | Important |
| Windows Overlay Filter | CVE-2023-21767 | Windows Overlay Filter Elevation of Privilege Vulnerability | Important |
| Windows Point-to-Point Tunneling Protocol | CVE-2023-21682 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | Important |
| Windows Print Spooler Components | CVE-2023-21760 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2023-21765 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2023-21678 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Service L2TP Driver | CVE-2023-21757 | Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | Important |
| Windows RPC API | CVE-2023-21525 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important |
| Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2023-21548 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
| Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2023-21535 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
| Windows Smart Card | CVE-2023-21759 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | Important |
| Windows Task Scheduler | CVE-2023-21541 | Windows Task Scheduler Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21772 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21748 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21773 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21747 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21776 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21774 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21750 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21675 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Virtual Registry Provider | CVE-2023-21749 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Workstation Service | CVE-2023-21549 | Windows SMB Witness Service Elevation of Privilege Vulnerability | Important |
