Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

March 15, 2023

Microsoft’s Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild.

Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent months.

The two vulnerabilities that have come under active attack are a Microsoft Outlook privilege escalation flaw (CVE-2023-23397, CVSS score: 9.8) and a Windows SmartScreen security feature bypass (CVE-2023-24880, CVSS score: 5.1).


CVE-2023-23397 is “activated when an attacker sends a message with an extended MAPI property with a UNC path to an SMB (TCP 445) share on a threat actor-controlled server,” Microsoft said in a standalone advisory.

A threat actor could leverage this flaw by sending a specially crafted email, activating it immediately when it is retrieved and processed by the Outlook client for Windows. As a result, this could lead to exploitation without requiring any user interaction and before the message is even viewed in the Preview Pane.

Microsoft credited the Computer Emergency Response Team of Ukraine (CERT-UA) with reporting the flaw, adding it is aware of “constrained targeted attacks” mounted by a Russia-based threat actor against government, transportation, energy, and military sectors in Europe.
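A defender-side check for the pattern the advisory describes, as an added example that is not code from the article or from Microsoft: it flags string-valued message properties holding a UNC path whose server lies outside the organisation. It assumes the properties have already been exported from the mailbox; the property label, message ids, `INTERNAL_SUFFIXES`, `INTERNAL_NETS` and `SAMPLE` are constructed for illustration.

```python
import ipaddress
import re

# Assumptions: the organisation's own name suffixes and address ranges.
INTERNAL_SUFFIXES = (".corp.example",)
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Matches \\host\share and \\?\UNC\host\share, with either slash direction.
UNC_RE = re.compile(r"^[\\/]{2}(?:[?.][\\/]UNC[\\/])?([^\\/]+)[\\/]+[^\\/]", re.I)


def unc_host(value):
    """Return the server part of a UNC path, or None if value is not one."""
    m = UNC_RE.match(value.strip())
    if not m:
        return None
    # Strip any "@..." qualifier (port or transport) Windows accepts after the host.
    return m.group(1).split("@", 1)[0].lower()


def is_external(host):
    """True for an address outside INTERNAL_NETS or a name outside INTERNAL_SUFFIXES."""
    try:
        ip = ipaddress.ip_address(host)
        return not any(ip in net for net in INTERNAL_NETS)
    except ValueError:
        pass                      # not an IP literal, treat as a host name
    if "." not in host:           # single-label name resolves on the local network
        return False
    return not host.endswith(INTERNAL_SUFFIXES)


def flag_messages(messages):
    """Return (message_id, property_name, host) for each external UNC reference."""
    hits = []
    for msg in messages:
        for name, value in msg["properties"].items():
            host = unc_host(value) if isinstance(value, str) else None
            if host and is_external(host):
                hits.append((msg["id"], name, host))
    return hits


# Constructed sample export; not real mailbox data.
SAMPLE = [
    {"id": "msg-1", "properties": {"ReminderFileParameter": r"\\203.0.113.7\share\a.wav"}},
    {"id": "msg-2", "properties": {"ReminderFileParameter": r"C:\Windows\Media\chimes.wav"}},
    {"id": "msg-3", "properties": {"ReminderFileParameter": r"\\fs01.corp.example\snd\d.wav"}},
    {"id": "msg-4", "properties": {"ReminderFileParameter": r"\\files.example.net@SSL@443\x\y.wav"}},
]
```

Hits from a check like this are candidates for review alongside outbound TCP 445 connections from the same client.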

CVE-2023-24880, on the other hand, concerns a security bypass flaw that could be exploited to evade Mark-of-the-Web (MotW) protections when opening untrusted documents downloaded from the internet.

It is also the consequence of a narrow patch released by Microsoft to resolve another SmartScreen bypass bug (CVE-2022-44698, CVSS score: 5.4) that came to light last year and which was exploited by financially motivated actors to deliver Magniber ransomware.

“Sellers often release narrow patches, producing an opportunity for attackers to iterate and uncover new variants,” Google Threat Analysis Group (TAG) researcher Benoit Sevens said in a report.

“Mainly because the root cause behind the SmartScreen security bypass was not resolved, the attackers had been equipped to immediately establish a distinctive variant of the unique bug.”

TAG said it observed over 100,000 downloads of malicious MSI files signed with malformed Authenticode signature since January 2023, thereby allowing the adversary to distribute Magniber ransomware without raising any security warnings. A majority of those downloads have been associated with users in Europe.

The disclosure also comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the two flaws to the Known Exploited Vulnerabilities (KEV) catalog and announced a new pilot program that aims to warn critical infrastructure entities about “vulnerabilities normally connected with identified ransomware exploitation.”

Also closed out by Microsoft are a number of critical remote code execution flaws impacting HTTP Protocol Stack (CVE-2023-23392, CVSS score: 9.8), Internet Control Message Protocol (CVE-2023-23415, CVSS score: 9.8), and Remote Procedure Call Runtime (CVE-2023-21708, CVSS score: 9.8).

Other notable mentions include patches for four privilege escalation bugs identified in the Windows Kernel, 10 remote code execution flaws affecting Microsoft PostScript and PCL6 Class Printer Driver, and a WebView2 spoofing vulnerability in the Edge browser.

Elsewhere, Microsoft also closed out two information disclosure flaws in Microsoft OneDrive for Android, one spoofing vulnerability in Office for Android, one security bypass bug in Microsoft OneDrive for iOS, and one privilege escalation issue in OneDrive for macOS.

Rounding off the list are patches for two high-severity vulnerabilities in the Trusted Platform Module (TPM) 2.0 reference library specification (CVE-2023-1017 and CVE-2023-1018, CVSS scores: 8.8) that could lead to information disclosure or privilege escalation.

Software Patches from Other Vendors

Aside from Microsoft, security updates have also been released by other vendors since the start of the month to rectify several vulnerabilities, including:

  • Adobe
  • Android
  • Apache Projects
  • Aruba Networks
  • Cisco
  • Citrix
  • CODESYS
  • Dell
  • Drupal
  • F5
  • Fortinet
  • GitLab
  • Google Chrome
  • IBM
  • Jenkins
  • Lenovo
  • Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
  • MediaTek
  • Mozilla Firefox, Firefox ESR, and Thunderbird
  • NETGEAR
  • NVIDIA
  • Qualcomm
  • Samba
  • Samsung
  • SAP
  • Schneider Electric
  • Siemens
  • SonicWall
  • Sophos
  • Synology
  • Trend Micro
  • Veeam
  • Zoho, and
  • Zoom

Some parts of this article are sourced from:
thehackernews.com
