Thursday, June 20, 2024

3 Zero-days and 100+ vulnerabilities Fixed in Microsoft Security Update

Microsoft has published its October security patches in which over 100 vulnerabilities were fixed in multiple Microsoft products, including Windows 10, Windows 11, Windows Server, Microsoft Office, Skype, and other major Microsoft products.

As per the security patch report, 45 Remote code execution vulnerabilities contributed to 400+ affected Microsoft products. However, only 12 of these 45 critical vulnerabilities were marked as “Critical” by Microsoft.

Apart from these 45 Remote Code Execution Vulnerabilities, there were 26 Elevation of Privilege Vulnerabilities, 17 Denial of Service Vulnerabilities, 12 Information Disclosure Vulnerabilities, 3 Security Feature Bypass Vulnerabilities, and 1 Spoofing Vulnerability addressed.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Three Actively exploited Zero-days

In addition to this, Microsoft also released patches for three actively exploited Zero-day vulnerabilities, which affect Skype (CVE-2023-41763), WordPad (CVE-2023-36563), and an HTTP/2 Rapid Reset attack (CVE-2023-44487). 

CVE-2023-41763: Skype – Privilege Escalation

A threat actor can exploit this particular vulnerability by making a specially crafted network call to the target Skype for Business server, which leads to the parsing of an HTTP request made to an arbitrary address, resulting in the disclosure of IP addresses or port numbers or both to the threat actor. The severity for this vulnerability has been given as 5.3 (Medium).

“While the attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).” reads the advisory by Microsoft.

CVE-2023-36563: WordPad – Information Disclosure Vulnerability

This vulnerability can be exploited by a threat actor, allowing NTLM hashes to be disclosed. However, this vulnerability has a prerequisite requiring the threat actor to log on to the system first.

After this, the threat actor can run a specially crafted application that could exploit this vulnerability and take control of the affected system. The severity of this vulnerability has been given as 6.5 (Medium).

Microsoft security advisory states, “An attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.” 

CVE-2023-44487 – HTTP/2 Rapid Reset Attack

This particular vulnerability uses the HTTP/2 stream cancellation feature, which resets the many streams quickly. Furthermore, this vulnerability leads to a Denial-of-Service condition on affected servers or applications. This vulnerability was discovered to be exploited in the wild from August through October 2023. The severity of this vulnerability is being analyzed.

Moreover, this vulnerability was addressed collaboratively by Cloudflare, Amazon, and Google. Microsoft also stated that CVE-2023-41763 and CVE-2023-36563 were publicly disclosed.

Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest versions of the software released in order to prevent the vulnerabilities from getting exploited. 

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


Latest articles

1inch partners with Blockaid to enhance Web3 security through the 1inch Shield

1inch, a leading DeFi aggregator that provides advanced security solutions to users across the...

Hackers Exploit Progressive Web Apps to Steal Passwords

In a concerning development for cybersecurity, hackers are increasingly leveraging Progressive Web Apps (PWAs)...

INE Security: Optimizing Teams for AI and Cybersecurity

2024 is rapidly shaping up to be a defining year in generative AI. While...

Threat Actor Claims Breach of Jollibee Fast-Food Gaint

A threat actor has claimed responsibility for breaching the systems of Jollibee Foods Corporation,...

Threat Actors Claiming Breach of Accenture Employee Data

Threat actors have claimed responsibility for a significant data breach involving Accenture, one of...

Diamorphine Rootkit Exploiting Linux Systems In The Wild

Threat actors exploit Linux systems because they are prevalent in organizations that host servers,...

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles