• Fri. Dec 1st, 2023
If you are a Windows user, you urgently need to update because of “this”.

In recent events, Microsoft disclosed 132 security flaws across all product lines this week. This includes a total of six zero-day flaws that are currently being actively exploited. For this reason, security professionals advised Windows users to upgrade immediately.

One of the zero-day vulnerabilities affects Windows HTML and Microsoft Office also allows remote code execution. Although this is a Patch Tuesday rollout, Microsoft has yet to release a patch for CVE-2023-36884, choosing instead to provide configuration mitigation methods. Microsoft has linked the exploitation of the vulnerability to Romcom, a Russian cybercrime group suspected of working in the interests of Russian intelligence.

The new OnePlus Nord 3 5G will be available on sale from July 15; It is priced at Rs 33,999

Flipkart Big Billion Days Sale: iPhone 13 at Rs 44,040, iPhone 12 Mini at Rs 23,000, iPhone 11 at Rs 27,040 and more

Jio Bharat Phone Launched in India: Full Specifications, Features, Price, How to Buy, Other Details

Google Play Games for PC beta is coming to India and users can now play Android games on Windows PC

Adam Barnett, a vulnerability risk management specialist at Rapid7, has warned that this Russian group has previously engaged in ransomware attacks targeting significant numbers of victims.

Security professionals warn Windows users to apply updates as soon as possible, given the number of fixed vulnerabilities and the fact that some of them have zero days. Microsoft’s Security Update Guide contains a comprehensive list of vulnerabilities covered by the latest patch released on Tuesday. However, security professionals have called attention to something more critical.

  1. Vulnerability: CVE-2023-36884

Microsoft has stated that it is investigating claims of several remote code execution flaws affecting Windows and Office products. Microsoft is aware of specific attacks that attempt to use specially crafted Microsoft Office documents to exploit these flaws. Microsoft acknowledged that CVE-2023-36884 had not yet been patched, but that it would “take appropriate action to protect our customers” after completing its investigation.

  1. Vulnerability: CVE-2023-32046

CVE-2023-32046, a Windows MSHTML platform elevation of privilege vulnerability, is also widely exploited. This zero-day vulnerability affects the Windows core MSHTML component used to generate HTML-like material. Kev Breen, director of cyberthreat research at Immersive Labs, warns, “It’s not limited to browsers. Other applications such as Office, Outlook, and Skype also use this component. The usual suspects—a malicious document attached to an email or a malicious website or webpage—can be attack vectors. According to Breen, “this vulnerability could be used as an initial infection vector,” enabling an attacker to execute code when the user clicks a link or opens a document.

  1. Vulnerability: CVE-2023-36874

CVE-2023-36874 is an elevation of privilege vulnerability, but it affects the Windows Error Reporting (WER) service. If this vulnerability is exploited correctly, an attacker can gain admin access. Tom Bowyer, who works on product security at Automax, said, “The WER service is a feature in Microsoft Windows operating systems that automatically collects and sends error reports to Microsoft when certain software crashes or encounters other types of errors.” Additionally, Bowyer added, “This zero-day vulnerability is actively exploited, so If your organization uses WER, we recommend patching within 24 hours.”

  1. Vulnerability: CVE-2023-32049

Another vulnerability that has gained attention is CVE-2023-32049. This is also widely exploited and affects the Windows SmartScreen feature. Chris Goitle, vice president of security products at Evanti, stated, “The CVE is considered significant, but Microsoft has confirmed reports of exploits for this vulnerability, which increases the criticality.”

Follow FE Tech Bytes Twitter, Instagram, LinkedIn, Facebook

Leave a Reply

Your email address will not be published. Required fields are marked *