3 Zero-days and 100+ vulnerabilities Fixed in Microsoft Security Update

Microsoft has published its October security patches in which over 100 vulnerabilities were fixed in multiple Microsoft products, including Windows 10, Windows 11, Windows Server, Microsoft Office, Skype, and other major Microsoft products.

As per the security patch report, 45 Remote code execution vulnerabilities contributed to 400+ affected Microsoft products. However, only 12 of these 45 critical vulnerabilities were marked as “Critical” by Microsoft.

Apart from these 45 Remote Code Execution Vulnerabilities, there were 26 Elevation of Privilege Vulnerabilities, 17 Denial of Service Vulnerabilities, 12 Information Disclosure Vulnerabilities, 3 Security Feature Bypass Vulnerabilities, and 1 Spoofing Vulnerability addressed.

Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Three Actively exploited Zero-days

In addition to this, Microsoft also released patches for three actively exploited Zero-day vulnerabilities, which affect Skype (CVE-2023-41763), WordPad (CVE-2023-36563), and an HTTP/2 Rapid Reset attack (CVE-2023-44487). 

CVE-2023-41763: Skype – Privilege Escalation

A threat actor can exploit this particular vulnerability by making a specially crafted network call to the target Skype for Business server, which leads to the parsing of an HTTP request made to an arbitrary address, resulting in the disclosure of IP addresses or port numbers or both to the threat actor. The severity for this vulnerability has been given as 5.3 (Medium).

“While the attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).” reads the advisory by Microsoft.

CVE-2023-36563: WordPad – Information Disclosure Vulnerability

This vulnerability can be exploited by a threat actor, allowing NTLM hashes to be disclosed. However, this vulnerability has a prerequisite requiring the threat actor to log on to the system first.

After this, the threat actor can run a specially crafted application that could exploit this vulnerability and take control of the affected system. The severity of this vulnerability has been given as 6.5 (Medium).

Microsoft security advisory states, “An attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.” 

CVE-2023-44487 – HTTP/2 Rapid Reset Attack

This particular vulnerability uses the HTTP/2 stream cancellation feature, which resets the many streams quickly. Furthermore, this vulnerability leads to a Denial-of-Service condition on affected servers or applications. This vulnerability was discovered to be exploited in the wild from August through October 2023. The severity of this vulnerability is being analyzed.

Moreover, this vulnerability was addressed collaboratively by Cloudflare, Amazon, and Google. Microsoft also stated that CVE-2023-41763 and CVE-2023-36563 were publicly disclosed.

Users of the affected Microsoft products mentioned in the security advisory are advised to upgrade to the latest versions of the software released in order to prevent the vulnerabilities from getting exploited. 

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.

Eswar

Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Blue Yonder Ransomware Attack Impacts Starbucks & Multiple Supermarkets

A ransomware attack on Blue Yonder, a leading supply chain management software provider, has created…

45 minutes ago

Dell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely

Dell Technologies has released a security update for its Wyse Management Suite (WMS) to address…

1 hour ago

CISA Details Red Team Assessment Including TTPs & Network Defense

The Cybersecurity and Infrastructure Security Agency (CISA) recently detailed findings from a Red Team Assessment…

1 hour ago

IBM Workload Scheduler Vulnerability Stores User Credentials in Plain Text

IBM has issued a security bulletin warning customers about a vulnerability in its Workload Scheduler…

2 hours ago

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of…

2 hours ago

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

18 hours ago