• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Microsoft Fixes Zero-Day Bug This Patch Tuesday

You are here: Home / General Cyber Security News / Microsoft Fixes Zero-Day Bug This Patch Tuesday
April 12, 2023

Microsoft’s Patch Tuesday release this month included a security update for a Windows zero-day vulnerability remaining actively exploited in the wild.

The bug in issue, CVE-2023-28252, is explained as an elevation of privilege vulnerability in the Windows Common Log File Process (CLFS) driver.

No proof of principle has been found for the exploit as yet, so Microsoft prospects should really patch instantly, advised Mike Walters, VP of vulnerability and danger investigate at Action1.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“This vulnerability has a minimal complexity and takes advantage of a neighborhood attack vector, demanding only minimal privileges to exploit and no interaction from the consumer. It affects Windows Server variations from 2008 onward, as very well as all variations of Windows 10,” he described.

“The vulnerability has a CVSS risk score of 7.8, which is reduced for the reason that it can only be executed regionally. Having said that, it however poses a superior privilege escalation risk due to the fact an attacker who effectively exploits it can achieve technique privileges.”

Dustin Childs, head of menace recognition at the Zero Working day Initiative, additional that a identical zero-day was patched in the identical Windows ingredient just two months ago.

“To me, that implies the initial fix was inadequate and attackers have found a process to bypass that fix,” he additional.

“As in February, there is no information and facts about how prevalent these attacks might be. This type of exploit is generally paired with a code execution bug to spread malware or ransomware. Definitely examination and deploy this patch quickly.”

There were updates for a whole of 7 vulnerabilities rated critical, which include CVE-2023-21554, a distant code execution bug in Microsoft Concept Queuing which was presented a CVSS ranking of 9.8.

“It enables a remote, unauthenticated attacker to operate their code with elevated privileges on influenced servers with the Concept Queuing services enabled. This services is disabled by default but is usually made use of by several make contact with center programs,” explained Childs.

“It listens to TCP port 1801 by default, so blocking this at the perimeter would avert external attacks. On the other hand, it’s not obvious what impression this may perhaps have on functions. Your greatest alternative is to take a look at and deploy the update.”

Editorial image credit rating: rafapress / Shutterstock.com


Some elements of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «urgent: microsoft issues patches for 97 flaws, including active ransomware Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
Next Post: Ethical Hackers Could Earn up to $20,000 Uncovering ChatGPT Vulnerabilities Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.