Dropbox Sign Breach Exposes Customer Data
Cloud storage giant Dropbox has recently disclosed a data breach affecting its eSignature service, Dropbox Sign (formerly HelloSign). The incident highlights the ongoing risks businesses…
Microsoft’s January 2023 Patch Tuesday addresses 11 critical vulnerabilities, with one actively exploited
Description:
Microsoft’s first Patch Tuesday of 2023 fixes 98 vulnerabilities, 11 of which have a critical CVSS severity rating. Of the 98, only one of the vulnerabilities patched this month has been classified as a zero-day, meaning it was actively exploited with no official fix available when first discovered.
The zero-day vulnerability, tracked as CVE-2023-21674, could lead to an attacker being able to escape the sandbox within a web browser and gain SYSTEM privileges if successfully exploited. The vulnerability has a CVSS score of 8.8 and only requires low-level privileges to exploit. However, the researchers who discovered the vulnerability, Jan Vojtěšek, Milánek, and Przemek Gmerek from Avast, shared with BleepingComputer that while they observed active exploitation of the vulnerability, they can say that the vulnerability is likely part of a longer infection chain. For the observed exploit to work, the attackers must have already obtained the ability to run native code within the sandboxed renderer process, something usually not possible to do on a fully patched browser.
Several other critical vulnerabilities are related to the Windows Layer 2 Tunnelling Protocol. CVE-2023-21556, CVE-2023-21555, CVE-2023-21543, CVE-2023-21546, and CVE-2023-21679 are all classed as remote code execution vulnerabilities.
There is also a critical vulnerability affecting Microsoft SharePoint Server, tracked as CVE-2023-21744, which is also a remote code execution vulnerability. Here, an authenticated attacker with permission to create a webpage on the targeted SharePoint server could execute code remotely on a SharePoint server by creating a site using specific code. This vulnerability pairs with CVE-2023-21743, allowing an unauthenticated attacker to bypass authentication and make an anonymous connection in a network-based attack.
Information specific to different versions of the Windows operating system, such as Windows Server and Microsoft Exchange servers, are linked within Microsoft’s article on the January 2023 Security Updates.
Applying these updates as soon as possible is highly recommended to mitigate the risk of attack on your device.
Related Links:
https://msrc.microsoft.com/update-guide/releaseNote/2023-Jan – Published January 10th
Related articles
Social Media Fraud: The Evolving Threat and How to Defend Yourself
Social media platforms offer connection and entertainment, but they’ve also become a hunting ground for sophisticated scammers. These criminals are increasingly turning to a combination…
DarkGate Malware: Threat Exploiting AutoHotkey
The DarkGate malware family, a persistent threat since 2018, has recently resurfaced in a sophisticated global campaign. This Remote Access Trojan (RAT), built using the…