Microsoft’s latest Patch Tuesday updates for October 2023 have been released, targeting a total of 103 vulnerabilities in its software. Notably, two of these vulnerabilities have already been actively exploited in the wild.

Among the 103 identified flaws, thirteen are classified as Critical, underscoring their severity. The remaining 90 are labelled as Important. The release also follows fixes for 18 security flaws in Microsoft's Chromium-based Edge browser since the second Tuesday of September.

The following are the two zero-day vulnerabilities that have been weaponized:

  • CVE-2023-36563 (CVSS score: 6.5) – This vulnerability is in Microsoft WordPad and could result in the disclosure of NTLM hashes.
  • CVE-2023-41763 (CVSS score: 5.3) – This vulnerability affects Skype for Business, posing a risk of privilege escalation. It has the potential to expose sensitive information, including IP addresses and port numbers. This exposure could grant threat actors access to internal networks.

“In order to exploit this vulnerability, an attacker must first log into the system,” Microsoft cautioned in its CVE-2023-36563 alert. “An attacker could then run a specially crafted application to exploit the vulnerability and potentially gain control of an affected system.”

“An attacker could also persuade a local user to open a malicious file. The attacker would have to persuade the user to follow a link, generally via an email or instant chat, and then persuade them to open the specially designed file.”

Redmond also patched dozens of weaknesses in Microsoft Message Queuing (MSMQ) and the Layer 2 Tunneling Protocol that could lead to remote code execution and denial-of-service (DoS).

The security update also fixes a severe privilege escalation flaw in the Windows IIS Server (CVE-2023-36434, CVSS score: 9.8), which could allow an attacker to impersonate and log in as another user via brute force.

The tech giant has also issued a fix for CVE-2023-44487, commonly known as the HTTP/2 Rapid Reset attack, which has been used as a zero-day by unknown actors to launch hyper-volumetric distributed denial-of-service (DDoS) attacks.

“While this DDoS has the potential to impact service availability, it alone does not lead to the compromise of customer data, and at this time, we have seen no evidence of customer data being compromised,” the statement read.

Finally, Microsoft has announced that Visual Basic Script (aka VBScript), which is frequently used to distribute malware, will be deprecated, adding that “in future releases of Windows, VBScript will be available as a feature on-demand before its removal from the operating system.”
