Microsoft has issued fixes for 3 actively exploited zero-working day vulnerabilities in its newest Patch Tuesday update, equalling the number set in January and December combined.
Patches have been issued for a full of 77 flaws in the latest batch of updates, 9 of which were being categorised as ‘critical’ owing to their potential to permit remote code execution.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Described as an “unusually significant” spherical by security experts, the raft of updates contains fixes for bugs influencing Microsoft Windows, .NET Framework, Microsoft Business office, SQL Server, Exchange Server, HoloLens, and various Azure companies.
“This is an unusually substantial round, nonetheless this launch is essential and overdue,” claimed Richard Hollis, CEO at Risk Crew.
“The ‘critical’ patches addressing distant code execution alone are important supplied the extraordinary raise in perform-from-home consumers. But the three addressing the zero-day CVEs are mission-critical in today’s threat landscape,” he additional.
SQL Server updates
A total of 6 CVEs influencing the Microsoft SQL server were being solved in the most up-to-date spherical of updates. This marked the greatest amount of fixes for the SQL server in a number of several years, security experts observed.
1 of these, CVE-2023-21718, was rated critical. Microsoft reported an attacker could exploit this vulnerability by “tricking an unauthenticated user into making an attempt to hook up to a malicious SQL server databased by using ODBC”.
“This could consequence in the database returning destructive information that could lead to arbitrary code execution on the client,” the advisory warned.
Actively exploited vulnerabilities
Microsoft explained it resolved a distant code execution vulnerability observed in Windows Graphics Part. Tracked as CVE-2023-21823, this flaw has been actively exploited in the wild and affects Windows 10, Windows Server 2008, and later on Windows editions.
The tech big warned this vulnerability also has an effect on Microsoft Business for iOS, Android, and Universal.
If exploited, this vulnerability could permit an attacker to acquire method privileges and execute commands, Microsoft claimed.
Security professionals famous that the update for this vulnerability will be circulated by means of the Microsoft Keep as a substitute of by way of the standard procedure in Windows Update catalogue.
As these types of, shoppers with computerized updates disabled on the Microsoft Keep will have to act quick to patch.
The Windows Frequent Log File Technique Driver was also discovered to include an actively exploited vulnerability, Microsoft verified in its advisory.
This escalation of privilege flaw was rated as ‘important’ and influences Windows 10, Server 2008, and afterwards Windows editions. The flaw also enabled attackers to obtain program privileges.
Chris Goettl, VP of security goods at Ivanti, said an escalation of privilege vulnerability these kinds of as this could be “used in mix with other vulnerabilities in an attack chain” and suggested companies to patch right away.
Meanwhile, a specifically about security aspect bypass in Microsoft Publisher, tracked as CVE-2023-21715, has also been patched in this most current round of updates, the enterprise confirmed.
Rated as ‘important’, this flaw has an effect on Microsoft 365 apps for Business and has been actively exploited in the wild, allowing for an attacker to bypass Business macros guidelines utilized to block untrusted or malicious information.
“The attack by itself is carried out locally by a consumer with authentication to the targeted procedure,” Microsoft mentioned in its advisory.
“An authenticated attacker could exploit the vulnerability by convincing a target, as a result of social engineering, to download and open up a specially crafted file from a website which could guide to a community attack on the sufferer computer.”
Some pieces of this write-up are sourced from: