Microsoft Issues a Fix for 2 Fresh Regularly Exploited Zero-Day Vulnerabilities

Post Views: 601

Microsoft has recently issued software remedies to address a total of 59 vulnerabilities across its range of products. These solutions include the resolution of two zero-day vulnerabilities that have been actively exploited by criminal individuals in the cyber realm.

Out of the total count of 59 vulnerabilities, it has been determined that five possess a Critical rating, 55 are classified as Important, and one is categorized as Moderate in terms of severity. The recent update addresses an additional set of 35 vulnerabilities that have been resolved in the Chromium-based Edge browser since the previous Patch Tuesday release. This version also includes a cure for CVE-2023-4863, a significant issue related to heap buffer overflow in the WebP image format.

Below are two Microsoft flaws that have been subject to active abuse in real-world attacks:

CVE-2023-36761 (CVSS score: 6.2): The subject of concern pertains to a vulnerability in Microsoft Word that leads to the disclosure of sensitive information.
CVE-2023-36802 (CVSS score: 7.8): The vulnerability identified is related to the elevation of privilege in the Microsoft Streaming Service Proxy.

According to the advisory provided by the Windows manufacturer, “the exploitation of this vulnerability has the potential to result in the exposure of NTLM hashes.” The advisory also highlights that CVE-2023-36802 could be utilized by an attacker to illicitly get SYSTEM rights.

The precise information pertaining to the characteristics of the exploitation or the individuals responsible for the attacks remains undisclosed as yet.

According to Satnam Narang, “A senior staff research engineer at Tenable, the exploitation of CVE-2023-36761 is not restricted just to the scenario where a prospective target opens a malicious Word document. In fact, the attack can be triggered by simply previewing the file. The act of exploitation could potentially lead to the revelation of New Technology LAN Manager (NTLM) hashes.”

One of the vulnerabilities discovered in the March Patch Tuesday release was CVE-2023-23397, which pertains to an elevation of privilege vulnerability found in Microsoft Outlook.

Several noteworthy vulnerabilities include multiple remote code execution flaws affecting Internet Connection Sharing (ICS), Visual Studio, 3D Builder, Azure DevOps Server, Windows MSHTML, and Microsoft Exchange Server. Additionally, there are elevation of privilege issues found in Windows Kernel, Windows GDI, Windows Common Log File System Driver, and Office, among other vulnerabilities.

Software Patches from Other Vendors

In addition to Microsoft, many companies have recently issued security upgrades to address multiple vulnerabilities, such as the following:

Adobe
Android
Apache Projects
Apple
Aruba Networks
ASUS
Cisco
Citrix
Dell
Drupal
F5
GitLab
Google Chrome
Hitachi Energy
HP
IBM
Jenkins
Juniper Networks
Lenovo
Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
MediaTek
Mitsubishi Electric
Mozilla Firefox, Firefox ESR, and Thunderbird
NETGEAR
Notepad++
NVIDIA
Qualcomm
Samsung
SAP
Schneider Electric
Siemens
SolarWinds
Splunk
Spring Framework
Synology
TP-Link
Trend Micro
Veeam
VMware
Zimbra, and
Zoom

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.