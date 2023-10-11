Rapid Reset among Microsoft’s 105 patches for October

By

Three bugs already exploited.

Microsoft’s regular patch day yields a bumper crop of 105 vulnerabilities, but mercifully few rating a critical CVSS score.

Rapid Reset among Microsoft&#8217;s 105 patches for October

Already exploited vulnerabilities include the recent HTTP2 Rapid Reset bug which iTnews published here (CVE-2023-44487); a Wordpad bug, CVE-2023-36563, which Microsoft discusses in detail here; and CVE-2023-41763, a privilege escalation in Skype for Business.

The Wordpad bug is troublesome in two ways. 

First, it can result in credentials being exposed, as Microsoft explained in its blog post.

“When there are linked objects in OLESTREAM, these functions might automatically authenticate to the server where the link source is located to get information that is needed for the conversion," it said.

“If the OLESTREAM is coming from an untrusted source, such as an RTF document downloaded from the Internet or an RTF-based email message, NTLM credentials of the user might be disclosed to a remote malicious server without the users' knowledge.”

Second, the vulnerability is inherited by other applications that use the Wordpad functionality, including Outlook and Word.

Several of the bugs addressed today have CVSS scores greater than 9.0 (critical).

CVE-2023-36434 is a privilege escalation in the Windows IIS server, but Microsoft said it regards exploitation as unlikely, because it’s a brute-force vulnerability that should be prevented by strong passwords.

There are also two RCE vulnerabilities in Microsoft’s Message Queuing, CVE-2023-35349 and CVE-2023-36697.

There’s no detail provided for CVE-2023-35349, but Microsoft said CVE-2023-36697 requires an attacker “to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
microsoftpatch tuesdayrapid resetsecurity

Sponsored Whitepapers

How to reach the &#8216;Holy Grail&#8217; of security and performance with SASE
How to reach the ‘Holy Grail’ of security and performance with SASE
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Transforming Your Business
Transforming Your Business
The Complete Cloud Security Buyer's Guide
The Complete Cloud Security Buyer's Guide
The Complete MDR Buyer's Guide
The Complete MDR Buyer's Guide

Events

Most Read Articles

NDIA backs infosec after internal report kept private

NDIA backs infosec after internal report kept private
Apple moves on kernel bug

Apple moves on kernel bug
Atlassian patches under-attack Confluence zero-day

Atlassian patches under-attack Confluence zero-day
Home Affairs website hit by DDoS attack

Home Affairs website hit by DDoS attack

Digital Nation

COVER STORY: What AI regulation might look like in Australia
COVER STORY: What AI regulation might look like in Australia
State of Security 2023
State of Security 2023
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX

Log In

  |  Forgot your password?