Credential Stuffing Surge Targets Businesses and Individuals.
The recent surge in credential stuffing attacks highlighted by Okta serves as a stark reminder of the importance of robust cyber security practices. These attacks…
Microsoft Patch Tuesday Fixes Nine Critical Vulnerabilities
Microsoft’s November Patch Tuesday addresses 62 vulnerabilities, nine of which are critical. Six of the vulnerabilities are actively exploited zero-days, which includes two used in ProxyNotShell attacks (CVE-2022-41082 and CVE-2022-41040) affecting on-premise Microsoft Exchange Servers.
The other four actively exploited vulnerabilities include:
- CVE-2022-41091 – Windows Mark of the Web Security Feature Bypass Vulnerability allows for an attacker to craft a malicious file that would evade Mark of the Web defences. The hacker could use a malicious website or a specially crafted .url file to exploit the bypass. The vulnerability requires the user to take action, such as clicking on a link or malicious attachment within a phishing email.
- CVE-2022-41128 – Windows Scripting Languages Remote Code Execution Vulnerability impacts the Jscript9 scripting language. It allows for an attacker hosting a specially crafted server share or website to execute code remotely, providing they can convince a user to visit the server share or website, possibly through phishing emails or chat messages.
- CVE-2022-41073 – Windows Print Spooler Elevation of Privilege Vulnerability allows an attacker to gain system privileges if successfully exploited.
- CVE-2022-41125 – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability also allows an attacker to gain system privileges if successfully exploited.
Microsoft is urging administrators to patch systems as soon as possible, as threat actors are actively exploiting several of these vulnerabilities.
Microsoft has published a security update guide for this month’s Patch Tuesday, which includes technical descriptions of all vulnerabilities fixed.
Related Links:
https://www.tenable.com/blog/microsofts-november-2022-patch-tuesday-addresses-62-cves-cve-2022-41073 -Published 8th November
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov – Published 8th November
Related articles
Cisco Firewall Vulnerabilities: Urgent Action Needed to Protect Against State-Sponsored Espionage
Businesses and organisations relying on Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls are being advised to take immediate action to protect…
Cybercriminals Threaten Release of Sensitive World-Check Database
A recent cyber attack has resulted in a serious data breach affecting the World-Check database, a critical tool used by financial institutions and other organisations…