On Tuesday, Microsoft released security updates for Windows (and other products) to fix 75 vulnerabilities across its product range, three of which have been actively exploited.
The updates are in addition to the 22 flaws the Windows maker fixed in its Chromium-based Edge browser over the past month.
What has been fixed by these new Windows updates?
Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 of the 75 bugs are classified as remote code execution (RCE) flaws. The three zero-days known to have been exploited are:
- CVE-2023-21715 (CVSS score: 7.3) – Microsoft Office Security Feature Bypass Vulnerability
- CVE-2023-21823 (CVSS score: 7.8) – Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2023-23376 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability
“The attack itself is performed locally by a user authenticated to the targeted system,” Microsoft said in the advisory for CVE-2023-21715.
Microsoft added: “An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim’s computer.”
Successful exploitation of the above flaws could allow an attacker to bypass Office macro policies used to block untrusted or malicious files, or gain SYSTEM privileges.
CVE-2023-23376 is also the third actively exploited zero-day in the CLFS component, after CVE-2022-24521 and CVE-2022-37969 (CVSS score: 7.8), which Microsoft fixed in April and September 2022 respectively.
“The Windows Common Log File System Driver is a component of the Windows operating system that manages and maintains a high-performance transaction-based log file system,” said Nikolas Cemerikic of Immersive Labs.
Cemerikic added: “It is an essential component of the Windows operating system and any vulnerability in this driver could have significant implications for system security and reliability.”
It is worth noting that Microsoft OneNote for Android is also vulnerable to CVE-2023-21823. With the note-taking app increasingly emerging as a conduit for malware distribution, it is imperative that users apply the fixes by installing the updates.
Additionally, Microsoft has fixed several RCE flaws in Exchange Server, ODBC drivers, PostScript printer drivers, and SQL Server, as well as denial-of-service (DoS) issues affecting the Windows iSCSI service and the Windows secure channel.
Three of the Exchange Server flaws are classified by the company as “Exploitation More Likely,” although exploiting them requires the attacker to be authenticated already.
In recent years, Exchange servers have proven to be high-value targets, as they can allow unauthorized access to sensitive information or even facilitate Business Email Compromise (BEC) attacks.
As usual, other vendors have released updates alongside Windows
In addition to Microsoft, security updates have also been released by other vendors in recent weeks to fix several vulnerabilities, including:
What are you waiting for? Windows updates are waiting for you!