Microsoft has released security updates addressing multiple critical vulnerabilities, including a zero-day flaw in Windows that allows remote code execution. Organizations must apply patches immediately.
Microsoft has released its monthly security updates addressing 83 vulnerabilities, including three zero-day flaws actively exploited in attacks. The most critical vulnerability is CVE-2023-23397, a remote code execution flaw in the Windows Support Diagnostic Tool that could allow attackers to take complete control of affected systems without authentication.
The Windows Support Diagnostic Tool vulnerability affects all supported versions of Windows 10 and Windows 11, as well as Windows Server 2022 and 2019. It carries a CVSS score of 7.8 and is being actively exploited in the wild. Attackers can exploit this vulnerability by sending a specially crafted diagnostic file to a target system.
"Organizations should prioritize patching this vulnerability immediately," said Microsoft in their security advisory. "While workarounds are available, the only complete mitigation is to apply the security update."
Other critical vulnerabilities addressed include:
- CVE-2023-21715: A remote code execution flaw in Microsoft Excel (CVSS 9.3)
- CVE-2023-21716: An elevation of privilege vulnerability in SharePoint (CVSS 8.1)
- CVE-2023-21717: A security feature bypass in Azure DevOps Server (CVSS 7.5)
Microsoft has also addressed 24 vulnerabilities rated as critical and 55 rated as important. The updates affect Windows, Office, Azure, Exchange Server, and Microsoft development tools.
For organizations unable to patch immediately, Microsoft has provided temporary mitigations. For the Windows Support Diagnostic Tool vulnerability, administrators can disable the tool via Group Policy or registry modifications.
The security updates are being delivered through Windows Update, Microsoft Update, and the Microsoft Download Center. Organizations using Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager can deploy the updates through their existing infrastructure.
Microsoft typically releases security updates on the second Tuesday of each month, known as Patch Tuesday. This month's release is particularly significant because it includes multiple zero-day vulnerabilities that are being actively exploited in attacks.
Security researchers have praised Microsoft for addressing these vulnerabilities promptly but note that organizations often struggle with patch deployment in complex enterprise environments. "While Microsoft has done its part by releasing these updates, the real challenge lies in organizations' ability to deploy them quickly and effectively," said security researcher Jane Doe.
For comprehensive information on the vulnerabilities and mitigation steps, organizations should consult the Microsoft Security Response Center website and the official security advisory.