Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities


Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild.

The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month.

Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs are classified as remote code execution (RCE) flaws. The three zero-days of note that have been exploited are as follows –

  • CVE-2023-21715 (CVSS score: 7.3) – Microsoft Office Security Feature Bypass Vulnerability
  • CVE-2023-21823 (CVSS score: 7.8) – Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2023-23376 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability

“The attack itself is carried out locally by a user with authentication to the targeted system,” Microsoft said in an advisory for CVE-2023-21715.

“An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.”

Successful exploitation of the above flaws could enable an adversary to bypass Office macro policies used to block untrusted or malicious files or gain SYSTEM privileges.

CVE-2023-23376 is also the third actively exploited zero-day flaw in the CLFS component after CVE-2022-24521 and CVE-2022-37969 (CVSS scores: 7.8), which were addressed by Microsoft in April and September 2022.

“The Windows Common Log File System Driver is a component of the Windows operating system that manages and maintains a high-performance, transaction-based log file system,” Immersive Labs’ Nikolas Cemerikic said.

“It is an essential component of the Windows operating system, and any vulnerabilities in this driver could have significant implications for the security and reliability of the system.”

It’s worth noting that Microsoft OneNote for Android is vulnerable to CVE-2023-21823, and with the note-taking service increasingly emerging as a conduit for delivering malware, it’s crucial that users apply the fixes.

Also addressed by Microsoft are multiple RCE defects in Exchange Server, ODBC Driver, PostScript Printer Driver, and SQL Server as well as denial-of-service (DoS) issues impacting Windows iSCSI Service and Windows Secure Channel.

Three of the Exchange Server flaws are classified by the company as “Exploitation More Likely,” although successful exploitation requires the attacker to be already authenticated.

Exchange servers have proven to be high-value targets in recent years as they can enable unauthorized access to sensitive information, or facilitate Business Email Compromise (BEC) attacks.

Software Patches from Other Vendors

Besides Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including —


