The January 2023 Patch Tuesday updates are rolling out today

News

Reading time icon 2 min. read

Calendar icon Published on

by Alexandru Poloboc 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Key notes

  • Are you ready for a brand-new batch of monthly security updates?
  • 2023 is here and the first Patch Tuesday rollout is well on its way.
  • Microsoft is gearing preparing to fix Windows OS vulnerabilities.
pt

You know what time it is, folks! It’s the second Tuesday of the month, which means that Microsoft is gearing up to release another batch of security updates.

Even though we are already in 2023, Microsoft still has to work on some of the issues that the various versions of the Windows OS have from 2022.

It will be interesting to see what the Redmond-based tech giant has prepared for us at the beginning of the new year, so let’s explore the possibilities together.

What can I expect from the first 2023 Patch Tuesday rollout?

As you surely remember, in December 2022, Microsoft released a total of 52 patches to address various CVEs, some of them being exploited in the wild.

One that got fixed was the PowerShell Remote Code Execution Vulnerability, a Critical-rated bug that could actually allow an authenticated user to escape the PowerShell Remoting Session Configuration and run unapproved commands on an affected system.

You can find out more about this release by checking out the dedicated article. For now, it’s time to move on to this month’s release.

There actually were no preview updates in December as usual due to the holidays, so the first release of the year is always interesting.

Since the December Patch Tuesday release was small in terms of CVEs fixed, we anticipate a high number of CVEs addressed in both the operating systems and applications updates.

We also have to consider that Microsoft may also want to end the ESU with a set of major updates to fix as many issues as possible.

Keep in mind that the tech giant also disclosed two zero-day vulnerabilities back in September, one for Exchange Server Elevation of Privilege Vulnerability (CVE-2022-41040) and one for Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082).

Both of the above-mentioned vulnerabilities are associated with the ProxyNotShell attacks, in case you didn’t know that.

As a result, a series of interim mitigations were also provided until the patches were released in November, so if you didn’t deploy these updates in the last two months, you are now running at high risk.

We will report back in a few hours, when the patches are released and disclose everything Microsoft has prepared for January 2023.

More about the topics: patch tuesday

Alexandru Poloboc

Alexandru Poloboc Shield

Tech Journalist

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host. A certified gadget freak, he always feels the need to surround himself with next-generation electronics. When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.