VTA-00433 – Microsoft Patch Tuesday – Patches for 3 Actively Exploited Windows Vulnerabilities
Microsoft has released their monthly Tuesday patch which addresses 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. These 75 vulnerabilities or flaws comprise of 9 rated as Critical, and 66 rated as Important in terms of severity. Furthermore, 37 out of the 75 vulnerabilities are considered to be remote code execution (RCE) flaws. It is also important to note that three of these vulnerabilities are being actively exploited in the wild. Below are the three vulnerabilities mentioned :-
1. CVE-2023-21715 (CVSS score: 7.3) – Microsoft Office Security Feature Bypass Vulnerability
2. CVE-2023-21823 (CVSS score: 7.8) – Windows Graphics Component Elevation of Privilege Vulnerability
3. CVE-2023-23376 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability
Successful exploitation of the above flaws could enable an adversary to bypass Office macro policies used to block untrusted or malicious files or gain SYSTEM privileges.
Also addressed by Microsoft are multiple RCE defects in Exchange Server, ODBC Driver, PostScript Printer Driver, and SQL Server as well as denial-of-service (DoS) issues impacting Windows iSCSI Service and Windows Secure Channel
Endpoint OS, Office 365, Server OS
Credential Access, Defense Evasion, Execution, Initial Access, Privilege Escalation
Exploitation for Credential Access, Exploitation for Defense Evasion, Indirect Command Execution, Command and Scripting Interpreter, User Execution, Exploit Public-Facing Application
Active Defense Tactics:
Active Defense Techniques:
Baseline, Software Manipulation, Standard Operating Procedure
SuperPRO’s Threat Countermeasures Procedures:
1. Get the latest Microsoft Security Update from their official website.
2. Constantly check and update applications to ensure that it is up to date.
3. As a security precaution, always make sure to have an antivirus installed and keep it up to date as well.
Contributed by: Aman