A Microsoft announced on Tuesday (14) a major security update in its “patch tuesday“March, which seeks to eliminate 83 vulnerabilities in its systems. Of these, two are considered “zero-day vulnerabilities,” that is, security flaws that have not yet been known to the general public and are already exploited by hackers and cybercriminals.

Nine critical vulnerabilities have been identified that could allow remote code execution, denial of service, or privilege escalation attacks. These security flaws are considered critical because they could allow an attacker to remotely control a vulnerable system or compromise the integrity of stored data.

Windows 10 hotfixes KB5023696 and KB5023697 are being released to address system and security issues in several versions of the operating system, including Windows Server 2016. These updates are required and will be automatically installed via Windows Update unless a user has performed a modified or blocked installation. In addition, a minor security and hyperlinking fix in Excel was made available for Windows 10 1507 via hotfix KB5023713.

The number of bugs in each category of vulnerabilities is listed below:

• 21 privilege escalation vulnerabilities
• 2 Security bypass vulnerabilities
• 27 Remote code execution vulnerabilities
• 15 information disclosure vulnerabilities
• 4 Denial of service vulnerabilities
• 10 spoofing vulnerabilities
• 1. Edge – Chromium Vulnerability

Zero day vulnerabilities

Two actively exploited zero-day vulnerabilities fixed in today’s updates:

CVE-2023-23397 – Microsoft Outlook Elevation of Privilege Vulnerability

Microsoft has patched a vulnerability in Microsoft Outlook that could allow malicious emails to force a device to connect to an external website controlled by hackers. This leaked system information and allowed the attacker to authenticate as a victim to other services. The vulnerability can be exploited before the email is even read, making it particularly dangerous.

Microsoft warns that this vulnerability triggers automatically when the email server processes a malicious message, so users could be affected without even opening the email. The Russian hacker group STRONTIUM was found to have exploited the vulnerability to steal emails from certain accounts. Microsoft has issued a warning about the vulnerability, and several cybersecurity organizations have confirmed the vulnerability.

CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability

Microsoft has fixed a zero-day vulnerability that was heavily exploited in Windows SmartScreen. This vulnerability could allow an attacker to create a malicious file that bypassed system protections, resulting in a limited loss of integrity and availability of security features. The vulnerability was discovered by the Google Threat Intelligence team, which identified it as the use of the Magniber ransomware. Google TAG found that this vulnerability was a workaround for another vulnerability (CVE-2022-44698) that was already exploited by Magniber and was patched by Microsoft in December.

Attackers used signed, malformed JavaScript autoload files to exploit this vulnerability, which caused Windows SmartScreen to ignore security warnings. After Microsoft patched the previous vulnerability, Google discovered that Magniber started using invalid authentication signatures in MSI files to bypass the fix.

Google explained that this was caused by Microsoft only fixing the originally claimed abuse of the JavaScript file, rather than fixing the root cause of the issue. The vulnerability was discovered by Google and Microsoft researchers.

Mundo Conectado Deal Center: Selection of Discounts and Lowest Prices
Best deals on electronics, cell phones, TVs, soundbars, drones and more

Source: TechPowerUp

…..