Microsoft’s September 2023 Patch Tuesday is another important one. It patches two vulnerabilities which are known to be actively exploited.
Microsoft’s September 2023 Patch Tuesday is another important one. Not because it’s a busy one, but because we have some special cases. Patch Tuesday includes security updates for 59 bugs, two of which are known to be actively exploited.
The Cybersecurity & Infrastructure Security Agency (CISA) has added these two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate these vulnerabilities by October 3, 2023 in order to protect their environments against active threats.
Let’s start by looking at those two vulnerabilities.
CVE-2023-36761 (CVSS score 6.2 out of 10): a Microsoft Word information disclosure vulnerability. Exploiting this vulnerability could allow the disclosure of NTLM hashes, and the Preview Pane is an attack vector. These NTLM hashes can be used in NTLM Relay attacks (pass-the-hash) to gain access to the account, so a successful exploit would allow the attacker to impersonate the user and gain their access rights.
CVE-2023-36802 (CVSS score 7.8 out of 10): a Microsoft Streaming Service Proxy Elevation of Privilege (EoP) vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Administrators of Exchange servers again have their work cut out for them. Five important vulnerabilities have been patched, three of which could result in Remote Code Execution (RCE). Visual Studio users have to deal with…