Cyber security News
From Search Results to Malware Lures: SEO Poisoning
Qakbot: The Evil Duck Reappears
Structural Foundations of Windows Architecture
LockBit 3.0 and Citrix Bleed Vulnerability (CVE-2023-4966)
Generative AI and Cybersecurity: New Threat Landscape
LockBit Ransomware Surge in 2023: A Record-Breaking Menace
Microsoft’s November 2023 Patch:Confronts Five Zero-Day Threats
Threat of Malvertising in the Cybersecurity Landscape
Cybersecurity News: Nov 5-Nov 11
What it takes to be a proficient threat hunter

Secknowers

The one who knows Security

News

Microsoft’s November 2023 Patch:Confronts Five Zero-Day Threats

The November 2023 Microsoft Patch Tuesday addressed several critical vulnerabilities, it addressed 75 vulnerabilities, with a focus on various critical areas. Three were rated critical, with one being an elevation of privilege in the Windows Common Log File System Driver, allowing attackers to elevate their system privileges. Another critical issue was a remote code execution vulnerability in Microsoft SharePoint, where an authenticated attacker could create a site and remotely execute code. Microsoft Exchange Server also had a remote code execution vulnerability, potentially allowing authenticated users with LAN access to perform remote code execution on the server mailbox back-end as NT AUTHORITY\SYSTEM.

Zero-day vulnerabilities

CVE-2023-36025: A Windows SmartScreen security feature bypass vulnerability that could be exploited via a specially crafted Internet Shortcut or hyperlink​.

CVE-2023-36033: An elevation of privilege vulnerability in the Windows DWM Core Library​

CVE-2023-36028: A critical remote code execution flaw​

CVE-2023-36397: Another critical remote code execution vulnerability​

CVE-2023-38545: A critical heap-based buffer overflow in the curl library​​.

Other Vulnerabilities

Here are some important CVEs other than the zero-days, addressed in the November 2023 Patch Tuesday

  • Elevation of Privilege Vulnerability:
    • CVE-2023-36036: Windows Cloud Files Mini Filter Driver
    • CVE-2023-36400: Windows HMAC Key Derivation
    • CVE-2023-36399: Windows Storage
  • Remote Code Execution Vulnerability:
    • CVE-2023-36397: Windows Pragmatic General Multicast (PGM)
    • CVE-2023-38177: Microsoft SharePoint Server
    • CVE-2023-36439: Microsoft Exchange Server
  • Information Disclosure Vulnerability:
    • CVE-2023-36052: Azure CLI REST Command
  • Denial of Service Vulnerability:
    • CVE-2023-36038: ASP.NET Core
  • Security Feature Bypass Vulnerability:
    • CVE-2023-36025: Windows SmartScreen

In conclusion, Microsoft’s November 2023 Patch Tuesday was a robust response to a diverse set of vulnerabilities threatening the cybersecurity landscape. By addressing five zero-day vulnerabilities, along with a spectrum of other critical security flaws ranging from remote code execution to privilege elevation, Microsoft has taken decisive action to fortify its software against potential cyber-attacks.

Related Post

News

From Search Results to Malware Lures: SEO Poisoning

News Threat Intel

Qakbot: The Evil Duck Reappears

News Threat Intel

LockBit 3.0 and Citrix Bleed Vulnerability (CVE-2023-4966)