75 Microsoft Windows OS-Schwachstellen | Runecast

Microsoft fixed 75 security flaws in its second Patch Tuesday of 2023, including 3 that were exploited in the wild. 9 Common Vulnerabilities and Exposures (CVEs) were rated ‘Critical’ and 66 rated as ‘Important’ which includes two undisclosed vulnerabilities that are already being exploited by attackers.

Below is a summary of some of the patched vulnerabilities.

Notable and Critical Microsoft Vulnerabilities

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution:

• CVE-2023-21689, CVE-2023-21690 and CVE-2023-21692 are RCE vulnerabilities in Windows OS and have been allocated a CVSSv3 score of 9.8. Microsoft PEAP is a secure implementation of Extensible Authentication Protocol (EAP) that provides encryption and authenticated Transport Layer Security (TLS) tunnel to establish secure connections with wireless clients. Successful exploitation allows a remote, unauthenticated attacker to execute arbitrary code. For the target to be vulnerable, it must be running Network Policy Server and configured with a network policy that allows PEAP. All 3 vulnerabilities do not require special privileges or user interaction. 
  

Windows iSCSI Discovery Service Remote Code Execution Vulnerability:   

• CVE-2023-21803 affects only 32 bit versions of Windows. This vulnerability can be exploited by sending a malicious crafted DHCP discovery request to a Windows Host running iSCSI Discovery Service. In case of successful exploitation, the attacker will be able to execute code remotely. The vulnerability can only be exploited if the iSCSI initiator client application is running. The iSCSI client application is not enabled by default.
  

Windows Common Log File System Driver Elevation of Privilege Vulnerability

• CVE-2023-23376 is an Elevation of Privilege Vulnerability in Windows OS that has been exploited in the wild. The vulnerability exists in the Common Log File System (CLFS) Driver, a logging service used by kernel-mode and user-mode applications. It can be exploited after an attacker has gained access to a vulnerable target in order to gain SYSTEM privileges. 
  

Windows Graphics Component Elevation of Privilege Vulnerability

• CVE-2023-21823 is another Elevation of Privilege Vulnerability that has been exploited in the wild as a zero day. It affects Windows Graphics components used in various products such as Windows OS, Office desktop and Mobile apps. Exploitation of this flaw requires an attacker to log onto a vulnerable system and execute a specially crafted application. Successful exploitation will help the attacker gain and execute code with SYSTEM privileges.    
  

Nearly half of the CVEs disclosed by Microsoft this month are Remote Code Execution (RCE) Vulnerabilities. The impact of an RCE vulnerability can range from malware execution to an attacker gaining full control over a compromised system. It is highly recommended to keep all systems up to date in order to mitigate or minimize the risk of an unfortunate event.

Runecast schützt Sie vor all dem

At Runecast we ensure that all the operating systems vulnerabilities are covered, so you can focus on mitigating threats and ensuring your system is running safe and secure. We keep you updated about the latest vulnerabilities, exploits and security compliance research and pride ourselves on responding quickly and decisively to key news in the IT Security and Operations spaces.

Runecast ist eine KI-gestützte Plattform, die Ihnen vollständige Transparenz und Kontrolle über potenzielle Schwachstellen in Ihrer Umgebung bietet. Sie bietet Best Practices, risikobasiertes Schwachstellenmanagement, Sicherheit und Compliance, um sicherzustellen, dass jeder Aspekt Ihrer Umgebung geschützt ist. Darüber hinaus liefert Runecast explizite Anweisungen und generiert benutzerdefinierte Abhilfeskripte, die eine schnelle Einhaltung der Vorschriften in der Umgebung gewährleisten. Die Runecast-Plattform kann in AWS-, Azure-, Google Cloud-, Kubernetes- und VMware-Umgebungen implementiert werden und arbeitet sicher vor Ort.