The Cyber Security News

Microsoft’s ‘unusually large’ Patch Tuesday fixes actively exploited zero day, 11 critical vulnerabilities

January 11, 2023


Microsoft has issued fixes for 98 security vulnerabilities in its first Patch Tuesday of the year, a volume of flaws nearly double December’s total, which has shocked analysts.

The first wave of patches in 2023 includes fixes for 11 ‘critical’-rated flaws and one actively exploited zero-day vulnerability.


According to Microsoft, 11 vulnerabilities were given a ‘critical’ rating due to their potential to enable remote code execution, elevate privileges, and bypass crucial security features.

Research from the Zero-Day Initiative stated that the volume of vulnerabilities “is the largest we’ve seen from Microsoft for a January release in quite some time”.

Patches were also issued for critical vulnerabilities affecting a raft of Windows products, including Windows Defender, Windows BitLocker, Office, and Microsoft Exchange Server.

Saeed Abbasi, manager of vulnerability and threat research at Qualys, said the number of patches issued in this latest raft of updates is unsurprising after a year fraught with noteworthy vulnerabilities.

December saw the tech giant issue fixes for two zero-day vulnerabilities affecting Windows SmartScreen and DirectX.

“Coming off the 2022 calendar year when the industry saw the largest number of zero days and highest number of vulnerabilities disclosed, this first release suggests that this trend will not slow.”

Privilege escalation concerns 

The latest patch cycle included fixes for 39 privilege escalation vulnerabilities. Although these vulnerabilities generally come with lower CVSSv3 scores, security experts warn that they are commonly seen in the early stages of an attack.

The zero-day’s patch addresses an actively exploited elevation of privilege vulnerability. Tracked as CVE-2023-21674, the vulnerability was given an 8.8 CVSSv3 score and could be used to capitalise on an initial infection on a specific host.

This type of exploit is commonly used in network compromises, according to Kev Breen, director of cyber threat research at Immersive Labs. Once an initial foothold has been established, this could allow attackers to move across networks or obtain higher levels of access.

“These forms of privilege escalation vulnerabilities are a key aspect of that attacker playbook,” Breen said.  

“This vulnerability is actively getting exploited in the wild, so it should be top of the checklist for patching,” he added.  

Microsoft also disclosed details of another elevation of privilege vulnerability that it has now patched.

CVE-2023-21549 affects the Windows SMB Witness Service and also received a ‘critical’ severity rating. Microsoft listed the vulnerability as ‘publicly known’ but added there is currently no actual evidence of exploitation.

“To exploit this vulnerability, an attacker could execute a specifically crafted malicious script which executes an RPC call to an RPC host,” Microsoft reported in its update.  

This vulnerability affects Windows OS versions starting from Windows 7 and Windows Server 2008.

In addition to the zero day, there were two critical vulnerabilities to pay close attention to, according to Abbasi.

The first was CVE-2023-21743, which affects the security features of Microsoft SharePoint Server. This would allow an unauthenticated attacker to exploit the vulnerability to establish an anonymous connection to the SharePoint server.

The second highlighted by Abbasi is a Microsoft Exchange Server vulnerability (which chains together CVE-2023-21763 and CVE-2023-21764) that would allow attackers to elevate privilege due to a failure to properly patch a previous vulnerability.

“Both SharePoint and Exchange are critical resources that a lot of organisations use to collaborate and complete everyday tasks, making these vulnerabilities exceptionally attractive in the eyes of an attacker,” Abbasi said.

‘End of an era’ 

Lewis Pope, head ‘Nerd’ at N-able, said the first Patch Tuesday of 2023 marks the “end of an era” in the wake of Microsoft’s decision to discontinue security updates for legacy operating systems.

Earlier this week, the tech giant confirmed it would no longer offer security updates for Windows 7 and Windows 8.1 through its Extended Security Update programme.

“This now firmly cements the concept of utilizing Windows 7 or 8.1 in production environments as an unacceptable risk in any ecosystem adhering to basic cyber security best practices,” he said.

“According to Microsoft, the appropriate action is to upgrade devices with compatible hardware to Windows 10 or decommission those systems in favour of modern, supported operating systems.”


Some parts of this article are sourced from:
www.itpro.co.uk
