Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.

Microsoft’s security advisories are somewhat sparse with details about the zero-day bugs. Redmond flags CVE-2023-23376 as an “Important” elevation of privilege vulnerability in the Windows Common Log File System Driver, which is present in Windows 10 and 11 systems, as well as many server versions of Windows.

“Sadly, there’s just a little solid information about this privilege escalation,” said Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative. “Microsoft does note that the vulnerability would allow an attacker to exploit code as SYSTEM, which would allow them to completely take over a target. This is likely being chained with a remote code execution bug to spread malware or ransomware. Considering this was discovered by Microsoft’s Threat Intelligence Center, it could mean it was used by advanced threat actors. Either way, make sure you test and roll these fixes quickly.”

The zero-day CVE-2023-21715 is a weakness in Microsoft Office that Redmond describes as a “security feature bypass vulnerability.”

“Microsoft lists this as under active exploit, but they offer no info on how widespread these exploits may be,” Childs said. “Based on the write-up, it sounds more like a privilege escalation than a security feature bypass, but regardless, active attacks in a common enterprise application shouldn’t be ignored. It’s always alarming when a security feature is not just bypassed but exploited. Let’s hope the fix comprehensively addresses the problem.”

The third zero-day flaw already seeing exploitation is CVE-2023-21823, which is another elevation of privilege weakness - this one in the Microsoft Windows Graphic component. Researchers at cybersecurity forensics firm Mandiant were credited with reporting the bug.

Kevin Breen, director of cyber threat research at Immersive Labs, pointed out that the security bulletin for CVE-2023-21823 specifically calls out OneNote as being a vulnerable component for the vulnerability.