3 Zero-days and 100+ vulnerabilities Fixed in Microsoft Security Update

Microsoft has published its October security patches in which over 100 vulnerabilities were fixed in multiple Microsoft products, including Windows 10, Windows 11, Windows Server, Microsoft Office, Skype, and other major Microsoft products.

As per the security patch report, 45 Remote code execution vulnerabilities contributed to 400+ affected Microsoft products. However, only 12 of these 45 critical vulnerabilities were marked as “Critical” by Microsoft.

Apart from these 45 Remote Code Execution Vulnerabilities, there were 26 Elevation of Privilege Vulnerabilities, 17 Denial of Service Vulnerabilities, 12 Information Disclosure Vulnerabilities, 3 Security Feature Bypass Vulnerabilities, and 1 Spoofing Vulnerability addressed.

Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Three Actively exploited Zero-days

In addition to this, Microsoft also released patches for three actively exploited Zero-day vulnerabilities, which affect Skype (CVE-2023-41763), WordPad (CVE-2023-36563), and an HTTP/2 Rapid Reset attack (CVE-2023-44487). 

CVE-2023-41763: Skype – Privilege Escalation

A threat actor can exploit this particular vulnerability by making a specially crafted network call to the target Skype for Business server, which leads to the parsing of an HTTP request made to an arbitrary address, resulting in the disclosure of IP addresses or port numbers or both to the threat actor. The severity for this vulnerability has been given as 5.3 (Medium).

“While the attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).” reads the advisory by Microsoft.

CVE-2023-36563: WordPad – Information Disclosure Vulnerability

This vulnerability can be exploited by a threat actor, allowing NTLM hashes to be disclosed. However, this vulnerability has a prerequisite requiring the threat actor to log on to the system first.

After this, the threat actor can run a specially crafted application that could exploit this vulnerability and take control of the affected system. The severity of this vulnerability has been given as 6.5 (Medium).

Microsoft security advisory states, “An attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.” 

CVE-2023-44487 – HTTP/2 Rapid Reset Attack

This particular vulnerability uses the HTTP/2 stream cancellation feature, which resets the many streams quickly. Furthermore, this vulnerability leads to a Denial-of-Service condition on affected servers or applications. This vulnerability was discovered to be exploited in the wild from August through October 2023. The severity of this vulnerability is being analyzed.

Moreover, this vulnerability was addressed collaboratively by Cloudflare, Amazon, and Google. Microsoft also stated that CVE-2023-41763 and CVE-2023-36563 were publicly disclosed.

Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest versions of the software released in order to prevent the vulnerabilities from getting exploited. 

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.

Eswar

Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…

24 hours ago

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…

24 hours ago

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…

24 hours ago

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…

24 hours ago

Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner

Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…

2 days ago

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…

2 days ago