Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws


Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws

Pierluigi Paganini
Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws October 11, 2023

Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws

Microsoft Patch Tuesday security updates for October 2023 fixed three actively exploited zero-day vulnerabilities.

Microsoft Patch Tuesday security updates for October 2023 addressed a total of 103 vulnerabilities in Microsoft Windows and Windows Components; Exchange Server; Office and Office Components; ASP.NET Core and Visual Studio; Azure; Microsoft Dynamics; and Skype for Business. Three of the flaws fixed by Microsoft were actively exploited vulnerabilities.

13 of the 13 flaws addressed by the IT giant are rated Critical and 90 are rated Important in severity. The number of fixed vulnerabilities is the second largest month this year.  

The three actively exploited zero-day vulnerabilities in today’s updates are:

CVE-2023-36563 – Microsoft WordPad Information Disclosure Vulnerability

An attacker can exploit this issue to disclose NTLM hashes.

“To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system,” reads the advisory published by Microsoft. “Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.”

Once the attacker has obtained the NTLM hashes, an attacker can crack them.

CVE-2023-41763  – Skype for Business Elevation of Privilege Vulnerability

An attacker can exploit this flaw to view some sensitive information (Confidentiality) but not all resources within the impacted component may be exposed.

Exploiting this vulnerability could allow the disclosure of NTLM hashes.

CVE-2023-44487 – HTTP/2 protocol denial of service flaw, it has been exploited in the wild since August 2023.

The complete list of the addressed flaws is available here:

https://www.zerodayinitiative.com/blog/2023/10/10/the-october-2023-security-update-review

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)







Source link