In January 2024, Microsoft released its Patch Tuesday update, which included a total of 49 fixes [3] [5]. This update addressed critical vulnerabilities in the Windows Kerberos authentication protocol and the Windows Hyper-V subsystem, among others.

The first critical fix in the update addressed a security feature bypass vulnerability in the Windows Kerberos authentication protocol (CVE-2024-20674). This vulnerability allowed an unauthenticated attacker to perform a machine-in-the-middle attack and spoof a Kerberos server [2]. Microsoft rates the exploitability of this bug as high and expects to see public exploit code within 30 days [2].

The second critical fix addressed a remote code execution vulnerability in the Windows Hyper-V subsystem (CVE-2024-20700) [4]. This vulnerability does not require authentication or user interaction [2] [5], making it attractive to exploit writers [2]. Successful exploitation requires winning a race condition [2], although the exact method of code execution is not described [2].

In addition to these critical fixes, the update covered various Microsoft products, including .NET [1] [3], Visual Studio [3], Azure Storage Mover [3], Microsoft Bluetooth Driver [3], Microsoft Devices [3] [4] [5], Microsoft Identity Services [3], Microsoft Office [3] [5], and Microsoft Office SharePoint [3]. It also addressed 46 vulnerabilities rated Important, including remote code execution (RCE) and information disclosure vulnerabilities [3].

While the Patch Tuesday update provided important fixes for various vulnerabilities, it did not include a patch for the SQLite vulnerability known as “Stranger Strings” (CVE-2022-35737) [3]. The CVE for this bug was assigned by MITRE, and the bug was patched in July 2022 [3]. Users should be aware of this omission and take separate measures to mitigate the risk associated with this vulnerability.