Microsoft Patch Tuesday – Patches for 3 Actively Exploited Windows Vulnerabilities

VTA-00433 – Microsoft Patch Tuesday – Patches for 3 Actively Exploited Windows Vulnerabilities


Microsoft has released their monthly Tuesday patch which addresses 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. These 75 vulnerabilities or flaws comprise of 9 rated as Critical, and 66 rated as Important in terms of severity. Furthermore, 37 out of the 75 vulnerabilities are considered to be remote code execution (RCE) flaws. It is also important to note that three of these vulnerabilities are being actively exploited in the wild. Below are the three vulnerabilities mentioned :-


1. CVE-2023-21715 (CVSS score: 7.3) – Microsoft Office Security Feature Bypass Vulnerability


2. CVE-2023-21823 (CVSS score: 7.8) – Windows Graphics Component Elevation of Privilege Vulnerability


3. CVE-2023-23376 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability

Successful exploitation of the above flaws could enable an adversary to bypass Office macro policies used to block untrusted or malicious files or gain SYSTEM privileges.

Also addressed by Microsoft are multiple RCE defects in Exchange Server, ODBC Driver, PostScript Printer Driver, and SQL Server as well as denial-of-service (DoS) issues impacting Windows iSCSI Service and Windows Secure Channel

Severity:
High

Attack Surfaces:
Endpoint OS, Office 365, Server OS

Tactics:
Credential Access, Defense Evasion, Execution, Initial Access, Privilege Escalation

Techniques:
Exploitation for Credential Access, Exploitation for Defense Evasion, Indirect Command Execution, Command and Scripting Interpreter, User Execution, Exploit Public-Facing Application

Active Defense Tactics:
Disrupt

Active Defense Techniques:
Baseline, Software Manipulation, Standard Operating Procedure

SuperPRO’s Threat Countermeasures Procedures: 
1. Get the latest Microsoft Security Update from their official website.
2. Constantly check and update applications to ensure that it is up to date.
3. As a security precaution, always make sure to have an antivirus installed and keep it up to date as well.

Contributed by:  Aman

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>