Why Do We Need Cyber Security from mj5121959's blog

Important Vulnerabilities in Microsoft’s July 2023 Security Update

Background / What has happened?

The Australian Cyber Security Centre (ACSC) has reviewed the Microsoft July 2023 Security Update.

The Security Update provided patches for 132 vulnerabilities.

Why Do We Need Cyber Security

6 vulnerabilities are believed to have been exploited.

9 vulnerabilities are rated ‘Critical’.

The following vulnerabilities are important based on their severity, widespread use of the related product and/or likelihood of exploitation.

Office and Windows HTML RCE unpatched 0-day (CVE-2023-36884)

A Critical rated vulnerability which allows Arbitrary Code Execution in situations where victims are convinced to open a malicious file.

The malicious file may be of a type that the user likely considers safe, such as a word document with no macros.

This is an actively exploited 0-day vulnerability.

Microsoft has not yet provided a patch, and all affected users are encouraged to apply mitigations.

Mitigations are found in the Microsoft Guidance page: (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884).

System administrators should keep an eye out for a patch for this in future Microsoft monthly releases.

Windows Remote Desktop Authentication Bypass (CVE-2023-35352)

A Critical rated vulnerability which allows attackers to bypass certain authentication configurations.

Bypass certificate or private key authentication when establishing a remote desktop protocol session.

RDP is widely used amongst organizations for remote workers, and internal systems.

Windows Message Queuing RCE (CVE-2023-32057)

A Critical rated vulnerability which allows attackers Remote Code Execution.

MSMQ is not enabled by default. A user can check if MSMQ is running by looking for a service called ‘Message Queuing’.

A user can also check if TCP Port 1801 is listening on the machine.

Mitigation / How do I stay secure?

Technical subject matter experts that use Microsoft products should read the associated security update guides available for their products.

General users should consider enabling automatic patching of Microsoft products if they have not already done so. Advice is available on the Protect Yourself: Updates page.

About Company

At Jypra Group, we offer comprehensive, 365/24/7 cybersecurity and managed IT services tailored to protect your business from evolving threats. Our suite of services includes advanced endpoint security monitoring, malware and ransomware protection, threat detection and response, and business email compromise protection. We also provide proactive measures such as vulnerability assessments, mobile and network security, penetration testing, and data loss prevention to ensure a secure and resilient IT environment for your business.

Click Here For More Info:-  https://jypragroup.com.au/

Social Media Profile Links:-

https://x.com/JypraGroup

https://www.instagram.com/jypragroup

 

 


Previous post     
     Blog home

The Wall

No comments
You need to sign in to comment

Post

By mj5121959
Added Oct 1

Rate

Your rate:
Total: (0 rates)

Archives