It's #Patchtuesday again! 2023 has started with another #Windows Advanced Local Procedure Call (ALPC) elevation of privilege vulnerability, CVE-2023-21674, from Microsoft. Featuring a local attack vector with low attack complexity and low required privileges, this APLC vulnerability requires no user interaction to be exploited. This elevation of privilege vulnerability exists when Windows improperly handles calls to ALPC, which can elevate an attacker's privileges from sandboxed execution in Chromium to kernel execution and full system privileges.

To exploit this vulnerability, an attacker would first have to log on to the system, run a specially crafted application, and then take control of the affected system. A successful attacker could then execute arbitrary code in the local system security context and install programs that could view, modify, or delete data, or in the worst case, create new accounts with full user privileges.

Since Microsoft has released an official fix for the zero-day bug for Windows 10, Windows 11, 8.1 through Windows Server 2022, Automox recommends applying the patch within 24 hours.

You can get our full Patch Tuesday overview here: https://www.automox.com/blog/patch-tuesday-january-2023

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.