Microsoft released an update that fixed a total of 49 vulnerabilities in its products in January 2024.
This update also addressed issues in five non-Microsoft products, including two critical vulnerabilities.
Among the most serious vulnerabilities fixed by Microsoft were two critical vulnerabilities that could bypass security features.
These vulnerabilities are identified as CVE-2024-20674 and CVE-2024-20700 and require immediate attention due to their serious consequences.
The vulnerabilities spanned various categories, including remote code execution, security feature circumvention, and privilege escalation.
The updated issues affected a number of products across Microsoft’s product line, including Microsoft Server, Visual Studio and the .NET framework. Of particular concern was a critical vulnerability and security feature bypass affecting the .NET Framework and Visual Studio.
Microsoft emphasized that nine of the vulnerabilities considered had a higher risk of exploitation, with severity levels ranging from 7.5 to 9.
The update also fixed additional vulnerabilities in five non-Microsoft products, none of which were publicly exploited.
Microsoft urges users to install the latest updates to protect against possible exploits by cyber attackers.
The company provided a comprehensive list of fixed vulnerabilities, providing exploitation techniques and detailed descriptions.