Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Two zero-day vulnerabilities addressed in this advisory were reported by Microsoft, one of which is currently being exploited in the wild.
From Windows Office to Workstation Services… most products appear to be impacted. Please visit this page and set the timeline from Dec. 2022 to Jan. 2023 :
https://msrc.microsoft.com/update-guide
There are currently no reports of these vulnerabilities being exploited in the wild.
SYSTEMS AFFECTED:
Source:
https://msrc.microsoft.com/update-guide/releaseNote/2023-Jan
https://helpx.adobe.com/
Additional Reading:
Naked Security: Microsoft Zero Day and Last Patches Ever for Windows 7 and 8.1
ZDNet Security Blog: Microsoft Delivers Massive 98 Patches in Jan.
SecurityWeek Blog: Adobe Patches 29 Vulnerabilities in Jan.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Spoiler alert: If you’re still using “password123” or “iloveyou” for your login… it’s time for an...
Read moreStop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.