Microsoft urges immediate patching for critical Windows Server vulnerability (CVE-2023-XXXXX) with CVSS 9.8 score, as exploit code is now circulating in the wild.
Microsoft has issued an emergency security advisory for a critical remote code execution vulnerability affecting Windows Server products. The vulnerability, tracked as CVE-2023-XXXXX, is now being actively exploited in the wild, according to the Microsoft Security Response Center (MSRC).
The flaw allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges on vulnerable systems. Successful exploitation could lead to complete compromise of affected servers.
Affected versions include:
- Windows Server 2022 (all editions)
- Windows Server 2019 (all editions)
- Windows Server 2016 (all editions)
- Windows Server 2012 R2 (all editions)
The vulnerability carries a CVSS score of 9.8 (Critical), with no user interaction required for exploitation.
Microsoft has released security updates as part of its July 2023 Patch Tuesday. Organizations are urged to apply these updates immediately.
Mitigation steps:
- Install the security updates provided in Microsoft Security Advisory ADV2300XX
- For systems unable to be patched immediately, implement the workarounds detailed in the advisory
- Monitor for suspicious activity, particularly lateral movement attempts
- Ensure proper network segmentation to limit potential blast radius
The vulnerability was first reported to Microsoft on June 15, 2023, with patches released on July 11, 2023. Microsoft credits security researchers from XYZ Security for discovering the vulnerability.
Additional information is available in the Microsoft Security Response Center blog and the official Security Update Guide.
Comments
Please log in or register to join the discussion