October 10, 2023 at 02:36PM – Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

October 10, 2023 at 02:36PM

Microsoft released a large batch of software and OS updates to address over 100 vulnerabilities across Windows systems. They warned that three of these vulnerabilities are already being exploited. The updates also targeted a zero-day vulnerability in HTTP/2 Rapid Reset that exposed the internet to DDoS attacks. Two other zero-day flaws in Microsoft WordPad and Skype for Business were also highlighted.

The meeting notes highlight several important updates from Microsoft’s security response team. Here are the key takeaways:

1. Microsoft released a significant batch of software and OS updates to cover over 100 vulnerabilities across the Windows ecosystem.
2. Three of these vulnerabilities are already being exploited in the wild.
3. Microsoft, along with AWS, Google, and Cloudflare, addressed the ‘HTTP/2 Rapid Reset’ zero-day vulnerability, which exposed the internet to massive DDoS attacks.
4. Two zero-day vulnerabilities were also identified: one in Microsoft WordPad and another in Skype for Business, both of which are being actively exploited.
5. The WordPad bug allows for the disclosure of NTLM hashes through information disclosure.
6. The Skype for Business bug allows attackers to elevate rights on compromised Windows machines.
7. Microsoft warned that sensitive information exposed by these vulnerabilities could provide access to internal networks.
8. A total of about 110 vulnerabilities were documented, affecting various Windows and operating system components.
9. The Microsoft Message Queuing technology was particularly affected, with 20 documented security defects.
10. One of the Message Queuing bugs (CVE-2023-35349) has a high severity score and appears to be wormable.
11. Windows admins should also pay attention to the Windows IIS Server elevation of privilege bug (CVE-2023-36434) with a high severity rating.

These key takeaways provide an overview of the vulnerabilities and patches discussed in the meeting. It is important for the organization to prioritize patching and address these security issues promptly.

Full Article – https://ift.tt/SfMo6JY