
Microsoft releases fixes for its 97 flaws and 1 zero-day vulnerability


Microsoft is known for its regular security updates and fixes. Every month, Microsoft releases security updates for its Windows and other products, specifically on the second Tuesday of the month. This month they have focused on fixing their repeatedly exploited zero-day and many other vulnerabilities.

Around 97 security fixes were released by Microsoft for its components and products including:

  • .NET Core
  • MS Office applications
  • Windows Active Directory
  • Kernel
  • The Azure cloud platform
  • Windows Win32K API, and
  • Windows

Many security experts have commented that this month’s fix for the zero-day vulnerability was a big relief for cybersecurity, since it was one of the most exploited vulnerabilities.

Let’s take a closer look at the security updates and fixes that they have released through our blog.

Fix for over 97 Vulnerabilities

Last week, Microsoft released fixes for 17 Edge-related flaws and non-security updates for Windows 11 (KB5025239) and Windows 10 (KB5025221 and KB5025229). Microsoft has also released security fixes for over seven critical vulnerabilities that allowed remote code execution.

Out of the 97 vulnerabilities, 45 were remote code execution vulnerabilities, 20 were elevation of privilege vulnerabilities, 8 were security feature bypass vulnerabilities, 10 were information disclosure vulnerabilities, around 6 were spoofing vulnerabilities and 9 were denial of service vulnerabilities.

Highly exploited zero-day vulnerability finally fixed

Through this month’s Update Tuesday, Microsoft released a security fix for the zero-day vulnerability CVE-2023-28252, the “Windows Common Log File System Driver Elevation of Privilege Vulnerability”, which is being exploited widely by cyber criminals in industries such as retail, energy, and healthcare. It is also currently being used to spread the Nokoyawa ransomware.

These security updates are critical because attackers exploit such vulnerabilities to carry out organization-wide breaches that disrupt operations at large and cause damage. You can check the complete list of fixes here.

The following are some of the most exploited vulnerabilities that Microsoft has released fixes for: 

| CVE | Type | Affected component | Severity |
|---|---|---|---|
| CVE-2023-28252 | Zero Day | Common Log File System Driver (CLFS) | Critical |
| CVE-2023-21554 | RCE | Microsoft Message Queuing (MSMQ) | High |
| CVE-2023-28250 | RCE | Pragmatic General Multicast (PGM) | High |
| CVE 2023 2823 | RCE | Dynamic Host Configuration Protocol server service | High |

In addition to the security updates and fixes, Microsoft also announced the end of support for Microsoft Exchange Server 2013. Exchange Server was targeted by more than ten ransomware groups in 2022, with most of its vulnerabilities targeted even by most state-sponsored threat actors.

Apart from Microsoft, other companies, including Adobe, Google, Cisco, Apple and SAP, have also released security updates this month.

How does SharkStriker assist you with Proactive Threat Hunting?

At SharkStriker, we keep our clients two moves ahead of attackers. We have a 24x7x365 dedicated team that ensures that your cybersecurity stays up-to-date with the latest developments in the threat landscape. 

Our SOC team is actively monitoring the threat landscape for the vulnerabilities specific to Microsoft products and components. We have developed various detection capabilities pertaining to the above vulnerabilities. 

Our threat hunters are actively monitoring customer environments and assisting them to stay up to date with the fixes and security updates released by vendors through effective patch management.

If you are one of our clients, please keep an eye out for our internal advisories and updates on this.

To wrap it up

Microsoft has released some critical and highly important security updates that include one zero-day vulnerability that is being exploited by attackers repeatedly, especially in the healthcare, energy, and retail industries. 

With our blog, we have explored the updates and their impact on their products and components. If you are a business owner looking for a cybersecurity service that assists you in improving your cybersecurity posture, then you are at the right place. 

We offer holistic cybersecurity services ranging from security assessment, implementation, and monitoring. If you are interested, mail us and we will schedule a call with our cybersecurity experts who will guide you better through a tailored service that best fits your budget and scope.
