Contribute to the Windows forum!

Click here to learn more 💡

Windows 11 Forum Top Contributors:

Ramesh Srinivasan - Kapil Arya MVP - neilpzz - RAJU.MSC.MATHEMATICS - _AW_ ✅

Ask a new question

Microsoft January 2024 Security Updates

January 2024 Security Updates

This release consists of the following 48 Microsoft CVEs:

Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?

SQL Server CVE-2024-0056

.NET and Visual Studio CVE-2024-0057

Windows Scripting CVE-2024-20652

Windows Common Log File System Driver CVE-2024-20653

Windows ODBC Driver CVE-2024-20654

Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20655

Visual Studio CVE-2024-20656

Windows Group Policy CVE-2024-20657

Microsoft Virtual Hard Drive CVE-2024-20658

Windows Message Queuing CVE-2024-20660

Windows Message Queuing CVE-2024-20661

Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2024-20662

Windows Message Queuing CVE-2024-20663

Windows Message Queuing CVE-2024-20664

Windows BitLocker CVE-2024-20666

.NET Core & Visual Studio CVE-2024-20672

Windows Authentication Methods CVE-2024-20674

Azure Storage Mover CVE-2024-20676

Microsoft Office CVE-2024-20677

Windows Message Queuing CVE-2024-20680

Windows Subsystem for Linux CVE-2024-20681

Windows Cryptographic Services CVE-2024-20682

Windows Win32K CVE-2024-20683

Windows Win32 Kernel Subsystem CVE-2024-20686

Windows AllJoyn API CVE-2024-20687

Windows Nearby Sharing CVE-2024-20690

Windows Themes CVE-2024-20691

Windows Local Security Authority Subsystem Service (LSASS) CVE-2024-20692

Windows Collaborative Translation Framework CVE-2024-20694

Windows Libarchive CVE-2024-20696

Windows Libarchive CVE-2024-20697

Windows Kernel CVE-2024-20698

Windows Hyper-V CVE-2024-20699

Windows Hyper-V CVE-2024-20700

Unified Extensible Firmware Interface CVE-2024-21305

Microsoft Bluetooth Driver CVE-2024-21306

Remote Desktop Client CVE-2024-21307

Windows Kernel-Mode Drivers CVE-2024-21309

Windows Cloud Files Mini Filter Driver CVE-2024-21310

Windows Cryptographic Services CVE-2024-21311

.NET Framework CVE-2024-21312

Windows TCP/IP CVE-2024-21313

Windows Message Queuing CVE-2024-21314

Windows Server Key Distribution Service CVE-2024-21316

Microsoft Office SharePoint CVE-2024-21318

Microsoft Identity Services CVE-2024-21319

Windows Themes CVE-2024-21320

Microsoft Devices CVE-2024-21325

We are republishing 5 non-Microsoft CVEs:

CNA Tag CVE FAQs? Workarounds? Mitigations?

MITRE Corporation SQLite CVE-2022-35737

Chrome Microsoft Edge (Chromium-based) CVE-2024-0222

Chrome Microsoft Edge (Chromium-based) CVE-2024-0223

Chrome Microsoft Edge (Chromium-based) CVE-2024-0224

Chrome Microsoft Edge (Chromium-based) CVE-2024-0225

Security Update Guide Blog Posts

Date Blog Post

January 11, 2022 Coming Soon: New Security Update Guide Notification System

February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

December 8, 2020 Security Update Guide: Let’s keep the conversation going

November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To

nstalls KB Article Title

5034121 Windows 11, version 21H2

5034122 Windows 10, version 21H2, Windows 10, version 22H2

5034123 Windows 11, version 22H2, Windows 11, version 23H2

5034127 Windows 10, version 1809, Windows Server 2019

5034167 Windows Server 2008 R2 (Security-only update)

5034169 Windows Server 2008 R2 (Monthly Rollup)

5034173 Windows Server 2008 (Monthly Rollup)

5034176 Windows Server 2008 (Security-only update)

Released: Jan 9, 2024

January 2024 Security Updates - Release Notes - Security Update Guide - Microsoft

This thread is locked. You can vote as helpful, but you cannot reply or subscribe to this thread.

1 person found this helpful

Was this discussion helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this discussion?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this discussion?

Thanks for your feedback.

Replies (0)

Discussion Info

Last updated April 8, 2024 Views 1,458 Applies to: