On Patch Tuesday in October, Microsoft closed, among other things, 13 “critical” security holes in its software products. Attackers are currently exploiting three vulnerabilities.
Microsoft Zero Days: Ongoing attacks
Attackers have targeted a vulnerability (CVE-2023-44487, “high”) in the HTTP/2 protocol. The security issue affects multiple versions of Windows and Visual Studio. Successful attacks can lead to denial-of-service (DoS) conditions.
Another attacked vulnerability (CVE-2023-36563, “medium”) affects WordPad. For an attack to work, an attacker must already be logged on to a system and be able to run a crafted application. Alternatively, a victim would have to open a file prepared by attackers. If this is the case, attackers can access NTLM hashes and, according to Microsoft, gain control of a PC.
The third vulnerability that has already been exploited (CVE-2023-41763, “medium”) is in Skype for Business. Here, attackers can use a call to trigger an HTTP request and redirect it. This could give them access to sensitive information.
More security vulnerabilities
In addition, the Layer 2 Tunneling Protocol is vulnerable to attacks that allow malicious code to be executed. A vulnerability (CVE-2023-35349) in Message Queuing is considered “critical”. It allows attackers to push malicious code onto systems and execute it. If the service is active on multiple systems, malicious code can spread like a worm and infect other computers.
Azure and Microsoft DirectMusic, among others, are also vulnerable to malicious code attacks. Microsoft lists further information about affected products and available security patches in the Security Update Guide.