all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)

Add to bookmarks
Jan. 9, 2024, 8 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been previously publicly disclosed. The critical fixes (CVE-2024-20674, CVE-2024-20700) CVE-2024-20674 is a security feature bypass vulnerability that may allow attackers to impersonate Windows’ Kerberos server. “An unauthenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local … More


The post …

bypass bypass vulnerability critical cve don't miss exploitation feature fixes flaws hot stuff hyper-v january january 2024 kerberos microsoft ms office patch patch tuesday security security feature bypass security update sharepoint tenable trend micro tuesday under vulnerabilities vulnerability windows

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Snyk AppRisk Pro leverages AI and third-party integrations for faster risk mitigation 28 minutes ago | www.helpnetsecurity.com
accelerate address application application security +34
Lineaje OSM improves software supply chain security 43 minutes ago | www.helpnetsecurity.com
applications build components development +26
Bitwarden Authenticator protects online services and applications 58 minutes ago | www.helpnetsecurity.com
2fa access accounts app +20
Virsec releases security tools to offer ransomware protection an hour ago | www.helpnetsecurity.com
attacks cybersecurity cybersecurity research edrs +19
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element 3 hours ago | www.helpnetsecurity.com
accounting breach breaches ciso +22
Securing your organization’s supply chain: Reducing the risks of third parties 3 hours ago | www.helpnetsecurity.com
brain connected cybercrime cybersecurity +26
Understanding emerging AI and data privacy regulations 3 hours ago | www.helpnetsecurity.com
act ai act amp artificial intelligence +39
reNgine: Open-source automated reconnaissance framework for web applications 4 hours ago | www.helpnetsecurity.com
applications automated automation bounty +26
Women rising in cybersecurity roles, but roadblocks remain 4 hours ago | www.helpnetsecurity.com
cybersecurity don't miss entry findings +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs