Microsoft has released “Patch Tuesday” security updates for the month of January. These are vulnerabilities in Windows Products that can be exploited by attackers and compromise Windows systems. Due to these vulnerabilities, Microsoft has released security updates (Patch Tuesday) to address the vulnerabilities of Windows products. This update resolves 40 vulnerabilities in several Windows products as outlined further below in “systems affected”.

The Vulnerabilities or CVEs include:

• CVE-2024-21325 CVE-2024-21320 CVE-2024-21316
• CVE-2024-21314 CVE-2024-21313 CVE-2024-21311
• CVE-2024-21310 CVE-2024-21309 CVE-2024-21307
• CVE-2024-21306 CVE-2024-21305 CVE-2024-20700
• CVE-2024-20699 CVE-2024-20698 CVE-2024-20697
• CVE-2024-20696 CVE-2024-20694 CVE-2024-20692
• CVE-2024-20691 CVE-2024-20690 CVE-2024-20687
• CVE-2024-20686 CVE-2024-20683 CVE-2024-20682
• CVE-2024-20681 CVE-2024-20680 CVE-2024-20674
• CVE-2024-20666 CVE-2024-20664 CVE-2024-20663
• CVE-2024-20662 CVE-2024-20661 CVE-2024-20660
• CVE-2024-20658 CVE-2024-20657 CVE-2024-20655
• CVE-2024-20654 CVE-2024-20653 CVE-2024-20652
• CVE-2022-35737

Microsoft products affected due to these vulnerabilities include:

• Microsoft Printer Metadata Troubleshooter Tool
• Windows 10
• Windows 11
• Windows 11 version 21H2
• Windows Server 2016
• Windows Server 2019
• Windows Server 2022
• Windows Server 2022, 23H2 Edition

Microsoft has provided the following details on the impact of these vulnerabilities.

An attacker could exploit this vulnerability and take control of the affected system.

Administrators are recommended to update/upgrade their Microsoft Products and software with the versions made available on the Microsoft Update Catalogue for the following Knowledge Based (KB) articles.

KB5034119, KB5034121, KB5034122, KB5034123, KB5034127
KB5034129, KB5034130, KB5034134

Administrators can follow the Microsoft Security Update Guidance: https://portal.msrc.microsoft.com/en-us/security-guidance