Microsoft flaws

Microsoft Addresses 132 Security Flaws, Including Six Under Active Attack

Recently, Microsoft released a number of critical security updates to tackle a total of 132 flaws in its software, with six of them currently being exploited by attackers. The severity of vulnerabilities ranges from nine marked as critical and 122 as important. Remarkably, these patches include solutions for faults reported in the Chromium-based Edge browser.

Active Exploitation and Specific Flaws

Among the actively exploited vulnerabilities, includes:

  • CVE-2023-32046  – Windows MSHTML Platform Elevation of Privilege Vulnerability
  • CVE-2023-32049 – Windows MSHTML Platform Elevation of Privilege Vulnerability
  • CVE-2023-35311Microsoft Outlook Security Feature Bypass Vulnerability                   
  • CVE-2023-36874Windows Error Reporting Service Elevation of Privilege Vulnerability
  • CVE-2023-36884 – Office and Windows HTML Remote Code Execution Vulnerability
  • ADV230001 – Malicious use of Microsoft-signed drivers for post-exploitation activity

The flaws addressed by Microsoft’s latest patches consist of a wide range of products, including Windows operating systems, Microsoft Office, Exchange Server, Azure, and more. These vulnerabilities vary in severity, with some allowing attackers to carry out isolated code execution, trespass security features, and execute malicious activities.

Microsoft has also observed some attacks directed toward defense and government entities in Europe and North America, focusing on CVE-2023-36884. The attackers have been using crafted Microsoft Office documents linked to the Ukrainian World Congress to execute malicious code. Microsoft has related these attacks to a Russian cybercriminal group known as Storm-0978.

Mitigation Measures and Recommendations

In reply to the continuing exploitation, Microsoft plans to act through an out-of-band(OOB) security update. Meanwhile, users should take prompt action to apply the security updates. They have advised users to employ some extra protection by enabling the “Block all Office applications from creating child processes” attack surface reduction (ASR) rule.

This release of Microsoft’s patches highlights the importance of prompt updates of software to address security vulnerabilities. Moreover, with active exploitation underway and the potential impact on organizations, users should take immediate action to apply the updates and ensure their systems are protected. Additionally, the ongoing efforts of many software vendors to tackle vulnerabilities show the collective effort to enhance security and protect users from such cyber threats.

For more news and updates on Cybersecurity, visit The Cybersecurity Club.

Critical Vulnerabilities Unveils In Microsoft’s September Patch Tuesday

CISA Adds Actively Exploited Flaw in .NET and Visual Studio to Known Vulnerabilities List

Dutch Government Puts Ban on Chinese Apps for Officials Due to Security Risks

Atlassian Confluence Vulnerabilities Exploit By Ransomware