© Copyright khedmeh Wall
Important Vulnerabilities in Microsoft’s
July 2023 Security Update
Background /
What has happened?
The Australian
Cyber Security Centre (ACSC) has reviewed the Microsoft July 2023 Security
Update.
The Security
Update provided patches for 132 vulnerabilities.
6
vulnerabilities are believed to have been exploited.
9
vulnerabilities are rated ‘Critical’.
The following
vulnerabilities are important based on their severity, widespread use of the
related product and/or likelihood of exploitation.
Office and Windows
HTML RCE unpatched 0-day (CVE-2023-36884)
A Critical rated
vulnerability which allows Arbitrary Code Execution in situations where victims
are convinced to open a malicious file.
The malicious
file may be of a type that the user likely considers safe, such as a word
document with no macros.
This is an
actively exploited 0-day vulnerability.
Microsoft has
not yet provided a patch, and all affected users are encouraged to apply
mitigations.
Mitigations are
found in the Microsoft Guidance page: (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884).
System
administrators should keep an eye out for a patch for this in future Microsoft
monthly releases.
Windows Remote
Desktop Authentication Bypass (CVE-2023-35352)
A Critical rated
vulnerability which allows attackers to bypass certain authentication
configurations.
Bypass
certificate or private key authentication when establishing a remote desktop
protocol session.
RDP is widely
used amongst organizations for remote workers, and internal systems.
Windows Message
Queuing RCE (CVE-2023-32057)
A Critical rated
vulnerability which allows attackers Remote Code Execution.
MSMQ is not
enabled by default. A user can check if MSMQ is running by looking for a
service called ‘Message Queuing’.
A user can also
check if TCP Port 1801 is listening on the machine.
Mitigation / How
do I stay secure?
Technical
subject matter experts that use Microsoft products should read the associated
security update guides available for their products.
General users
should consider enabling automatic patching of Microsoft products if they have
not already done so. Advice is available on the Protect Yourself: Updates page.
About Company
At Jypra Group,
we offer comprehensive, 365/24/7 cybersecurity and managed IT services tailored
to protect your business from evolving threats. Our suite of services includes
advanced endpoint security monitoring, malware and ransomware protection, threat
detection and response, and business email compromise protection. We also
provide proactive measures such as vulnerability assessments, mobile and
network security, penetration testing, and data loss prevention to ensure a
secure and resilient IT environment for your business.
Click Here For
More Info:- https://jypragroup.com.au/
Social Media
Profile Links:-
https://www.instagram.com/jypragroup
Important Vulnerabilities in Microsoft’s
July 2023 Security Update
Background /
What has happened?
The Australian
Cyber Security Centre (ACSC) has reviewed the Microsoft July 2023 Security
Update.
The Security
Update provided patches for 132 vulnerabilities.
Application Security Assessment
6
vulnerabilities are believed to have been exploited.
9
vulnerabilities are rated ‘Critical’.
The following
vulnerabilities are important based on their severity, widespread use of the
related product and/or likelihood of exploitation.
Office and Windows
HTML RCE unpatched 0-day (CVE-2023-36884)
A Critical rated
vulnerability which allows Arbitrary Code Execution in situations where victims
are convinced to open a malicious file.
The malicious
file may be of a type that the user likely considers safe, such as a word
document with no macros.
This is an
actively exploited 0-day vulnerability.
Microsoft has
not yet provided a patch, and all affected users are encouraged to apply
mitigations.
Mitigations are
found in the Microsoft Guidance page: (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884).
System
administrators should keep an eye out for a patch for this in future Microsoft
monthly releases.
Windows Remote
Desktop Authentication Bypass (CVE-2023-35352)
A Critical rated
vulnerability which allows attackers to bypass certain authentication
configurations.
Bypass
certificate or private key authentication when establishing a remote desktop
protocol session.
RDP is widely
used amongst organizations for remote workers, and internal systems.
Windows Message
Queuing RCE (CVE-2023-32057)
A Critical rated
vulnerability which allows attackers Remote Code Execution.
MSMQ is not
enabled by default. A user can check if MSMQ is running by looking for a
service called ‘Message Queuing’.
A user can also
check if TCP Port 1801 is listening on the machine.
Mitigation / How
do I stay secure?
Technical
subject matter experts that use Microsoft products should read the associated
security update guides available for their products.
General users
should consider enabling automatic patching of Microsoft products if they have
not already done so. Advice is available on the Protect Yourself: Updates page.
About Company
At Jypra Group,
we offer comprehensive, 365/24/7 cybersecurity and managed IT services tailored
to protect your business from evolving threats. Our suite of services includes
advanced endpoint security monitoring, malware and ransomware protection, threat
detection and response, and business email compromise protection. We also
provide proactive measures such as vulnerability assessments, mobile and
network security, penetration testing, and data loss prevention to ensure a
secure and resilient IT environment for your business.
Click Here For
More Info:- https://jypragroup.com.au/
Social Media
Profile Links:-
Just another post with A Gallery
Lorem ipsum dolor sit amet, consectetur
adipiscing elit. In sed vulputate massa. Fusce ante magna, iaculis ut purus ut,
facilisis ultrices nibh. Quisque commodo nunc eget tortor dapibus, et tristique
magna convallis. Phasellus egestas nunc eu venenatis vehicula. Phasellus et
magna nulla. Proin ante nunc, mollis a lectus ac, volutpat placerat ante.
Vestibulum sit amet magna sit amet nunc faucibus mollis. Aliquam vel lacinia
purus, id tristique ipsum. Quisque vitae nibh ut libero vulputate ornare quis in
risus. Nam sodales justo orci, a bibendum risus tincidunt id. Etiam hendrerit,
metus in volutpat tempus, neque libero viverra lorem, ac tristique orci augue
eu metus. Aenean elementum nisi vitae justo adipiscing gravida sit amet et
risus. Suspendisse dapibus elementum quam, vel semper mi tempus ac.
About Company
We have optimised streaming servers around
the globe. Allowing you to get the most from your existing streaming
subscriptions. Blazing fast speeds and avoid censorship.
A VPN is a much more sophisticated tool as
compared to a proxy. A VPN not only facilitates you to cope with censorship
concerns but it also takes care of your security. VPN constructs a secure
tunnel using different protocols (IKEv2 IPsec, OpenVPN, SSTP, SoftEther,
WireGuard) between your computer and your desired destination on the internet.
That’s not it, A VPN also uses high level encryption to encrypt all the traffic
passing through its servers.
Click Here For More Info - https://safenetvpn.com/
Social Media Links :- https://www.instagram.com/safenetvpn/