Microsoft scrambles zero-day fixes in bumper patch crop

By

Multiple vulnerabilities exploited in the wild.

Microsoft’s monthly patch day brings with it a warning of an as-yet-unpatched zero-day vulnerability in which Word documents are the attack vector.

Microsoft scrambles zero-day fixes in bumper patch crop

In a blog post, Microsoft accused a Russian threat actor dubbed “Storm-0978” of using CVE-2023-36884 to try and install backdoors on target systems.

The group then conducts ransomware attacks, or uses their access for espionage, Microsoft said.

Infected Word files are detected by Windows Defender, the post said. 

Other exploited bugs patched this month include:

  • CVE-2023-35311, an Outlook security feature vulnerability
  • CVE-2023-32046, an escalation of privilege exploitable by a crafted file in an email or on a website
  • CVE-2023-32049, a security feature bypass vulnerability with Windows SmartScreen
  • CVE-2023-36874, a local privilege escalation vulnerability

Critical vulnerabilities (with a CVSS score greater than 9) disclosed today include CVE-2023-32057, a vulnerability in Microsoft message queuing that results in remote code execution (RCE); CVE-2023-33150, a security feature bypass in Office; and CVE-2023-35365, CVE-2023-35366, and CVE-2023-35367, a trio of RCE vulnerabilities in the Windows routing and remote access service.

The SANS Institute’s Patch Tuesday roundup states there are a total of 132 fixes released by Microsoft today.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Log In

  |  Forgot your password?