Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws

Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild.

Microsoft Patch Tuesday security updates for November 2023 addressed 63 new vulnerabilities in Microsoft Windows and Windows Components; Exchange Server; Office and Office Components; ASP.NET and .NET Framework; Azure; Mariner; Microsoft Edge (Chromium-based), Visual Studio, and Windows Hyper-V.

Three vulnerabilities addressed by the IT giant are rated Critical, 56 are rated Important, and four are rated Moderate in severity.

Three of these vulnerabilities are actively exploited in attacks in the wild:

– CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability
An attacker can trigger this vulnerability to elevate privileges through the Windows Desktop Manager (DWM) and gain SYSTEM privileges. Chained with a remote code execution bug, the issue can be used to compromise a system.

– CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
An attacker can exploit this flaw to gain SYSTEM privileges. “This driver is used for managing and facilitating the operations of cloud-stored files. It’s loaded by default on just about every version of Windows, so it provides a broad attack surface,” reads the post published by ZDI. “Again, this bug is likely being paired with a code execution bug in attacks.”

– CVE-2023-36025 – Windows SmartScreen Security Feature Bypass Vulnerability
An attacker can exploit this flaw to bypass Windows Defender SmartScreen checks and other prompts. This flaw can be exploited in phishing campaigns to evade user prompts that would warn recipients about opening a malicious document.

The most severe flaw addressed by Microsoft Patch Tuesday security updates for November 2023 is a Windows Pragmatic General Multicast (PGM) Remote Code Execution issue tracked as CVE-2023-36397 (CVSS 9.8). A remote, unauthenticated attacker can exploit this flaw to execute code with elevated privileges without user interaction.

The full list of vulnerabilities addressed by Microsoft for November 2023 is available here.

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday security updates for November 2023)