JPCERT-AT-2023-0002 JPCERT/CC 2023-01-11 <<< JPCERT/CC Alert 2023-01-11 >>> Microsoft Releases January 2023 Security Updates https://www.jpcert.or.jp/english/at/2023/at230002.html I. Overview Microsoft has released January 2023 Security Updates to address the vulnerabilities in their products. Remote attackers leveraging these vulnerabilities may be able to execute arbitrary code. It is recommended to check the information provided by Microsoft and apply the updates. Microsoft Corporation January 2023 Security Updates https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-Jan Microsoft Corporation Microsoft Security Updates for January 2023 (Monthly) (Japanese) https://msrc-blog.microsoft.com/2023/1/10/202301-security-update/ According to Microsoft, among these vulnerabilities, the following vulnerability has been confirmed to be exploited in the wild. Please consider applying the security update programs by referring to the information provided by Microsoft. CVE-2023-21674 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674 II. Solution Please apply the security update programs through Microsoft Update, Windows Update, etc. as soon as possible. Microsoft Update Catalog https://www.catalog.update.microsoft.com/ Windows Update: FAQ https://support.microsoft.com/en-us/help/12373/windows-update-faq III. References Microsoft Corporation Release Notes https://msrc.microsoft.com/update-guide/releaseNote Microsoft Corporation Windows 8.1 support will end on January 10, 2023 https://support.microsoft.com/en-us/windows/windows-8-1-support-will-end-on-january-10-2023-3cfd4cde-f611-496a-8057-923fba401e93 If you have any information regarding this alert, please contact JPCERT/CC. ====================================================================== JPCERT Coordination Center (Early Warning Group) MAIL: ew-info@jpcert.or.jp https://www.jpcert.or.jp/english/