Microsoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit


One of the vulnerabilities is described as being publicly known at the time of release, and 11 of the 98 flaws are classified as Critical and 87 as Important in terms of severity. Updates for the Windows manufacturer’s Chromium-based Edge browser are anticipated to be released separately.

The vulnerability that is being attacked is CVE-2023-21674 (CVSS score: 8.8), a Windows Advanced Local Procedure Call (ALPC) privilege escalation bug that might be used by an attacker to obtain SYSTEM permissions.

Read More…