Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

March 15, 2023

Microsoft’s Patch Tuesday update for March 2023 is rolling out with fixes for a set of 80 security flaws, two of which have come under active exploitation in the wild.

Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent months.

The two vulnerabilities that have come under active attack relate to a Microsoft Outlook privilege escalation flaw (CVE-2023-23397, CVSS score: 9.8) and a Windows SmartScreen security feature bypass (CVE-2023-24880, CVSS score: 5.1).

CVE-2023-23397 is “triggered when an attacker sends a message with an extended MAPI property with a UNC path to an SMB (TCP 445) share on a threat actor-controlled server,” Microsoft said in a standalone advisory.

A threat actor could leverage this flaw by sending a specially crafted email, triggering it automatically when it is retrieved and processed by the Outlook client for Windows. As a result, this could lead to exploitation without requiring any user interaction and before the message is even viewed in the Preview Pane.

Microsoft credited the Computer Emergency Response Team of Ukraine (CERT-UA) with reporting the flaw, adding it is aware of “limited targeted attacks” mounted by a Russia-based threat actor against government, transportation, energy, and military sectors in Europe.

CVE-2023-24880, on the other hand, concerns a security bypass flaw that could be exploited to evade Mark-of-the-Web (MotW) protections when opening untrusted files downloaded from the internet.

It is also the consequence of a narrow patch released by Microsoft to fix another SmartScreen bypass bug (CVE-2022-44698, CVSS score: 5.4) that came to light last year and which was exploited by financially motivated actors to deliver Magniber ransomware.

“Vendors often release narrow patches, creating an opportunity for attackers to iterate and discover new variants,” Google Threat Analysis Group (TAG) researcher Benoit Sevens said in a report.

“Because the root cause behind the SmartScreen security bypass was not addressed, the attackers were able to quickly identify a different variant of the original bug.”

TAG said it observed over 100,000 downloads of malicious MSI files signed with a malformed Authenticode signature since January 2023, thereby allowing the adversary to distribute Magniber ransomware without raising any security warnings. A majority of those downloads were associated with users in Europe.

The disclosure also comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the two flaws to the Known Exploited Vulnerabilities (KEV) catalog and launched a new pilot program that aims to warn critical infrastructure entities about “vulnerabilities commonly associated with known ransomware exploitation.”

Also closed out by Microsoft are a number of critical remote code execution flaws affecting HTTP Protocol Stack (CVE-2023-23392, CVSS score: 9.8), Internet Control Message Protocol (CVE-2023-23415, CVSS score: 9.8), and Remote Procedure Call Runtime (CVE-2023-21708, CVSS score: 9.8).

Other notable mentions include patches for four privilege escalation bugs identified in the Windows Kernel, 10 remote code execution flaws affecting Microsoft PostScript and PCL6 Class Printer Driver, and a WebView2 spoofing vulnerability in the Edge browser.


Elsewhere, Microsoft also closed out two information disclosure flaws in Microsoft OneDrive for Android, one spoofing vulnerability in Office for Android, one security bypass bug in Microsoft OneDrive for iOS, and one privilege escalation issue in OneDrive for macOS.

Rounding off the list are patches for two high-severity vulnerabilities in the Trusted Platform Module (TPM) 2.0 reference library specification (CVE-2023-1017 and CVE-2023-1018, CVSS scores: 8.8) that could lead to information disclosure or privilege escalation.

Software Patches from Other Vendors

Apart from Microsoft, security updates have also been released by other vendors since the start of the month to rectify several vulnerabilities, including —

  • Adobe
  • Android
  • Apache Projects
  • Aruba Networks
  • Cisco
  • Citrix
  • CODESYS
  • Dell
  • Drupal
  • F5
  • Fortinet
  • GitLab
  • Google Chrome
  • IBM
  • Jenkins
  • Lenovo
  • Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
  • MediaTek
  • Mozilla Firefox, Firefox ESR, and Thunderbird
  • NETGEAR
  • NVIDIA
  • Qualcomm
  • Samba
  • Samsung
  • SAP
  • Schneider Electric
  • Siemens
  • SonicWall
  • Sophos
  • Synology
  • Trend Micro
  • Veeam
  • Zoho, and
  • Zoom

Some areas of this article are sourced from:
thehackernews.com
