opksoho.blogg.se

"That combination makes this bug wormable - at least through systems that meet the target requirements," Childs noted.ĬVE-2023-23415 is another critical, 9.8-rated RCE bug that, according to Childs, is also potentially wormable. The miscreant could then execute code at SYSTEM level without any user interaction. It affects Windows 11 and Windows Server 2022.Ī remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to a targeted server that uses the HTTP Protocol Stack (http.sys), according to Microsoft. Of the other critical-rated vulnerabilities: we'd suggest patching CVE-2023-23392, a 9.8 CVSS-rated HTTP protocol stack remote code execution (RCE) bug, next. The TAG team has documented more than 100,000 downloads to date, mostly in Europe, so although this vulnerability only received a 5.4 CVSS, unless you want to deal with encrypted systems and extortion, patch now. Google's Threat Analysis Group (TAG) spotted this issue first and said it's being used to deliver Magniber ransomware. Remember, dear reader: CVSS is only a number and does not indicate real-world risks. This new vulnerability, CVE-2023-24880 is a Windows SmartScreen security feature bypass bug, and allows attackers to create malicious files that can bypass Mark-of-the-Web security features. While it's only rated 5.4/10, it's already being exploited by crooks demanding ransom payments. The second bug under active exploit is publicly known, and related to a similar vulnerability, CVE-2022-44698, that Microsoft fixed in December 2022.

The flaw was reported to the IT giant by Ukraine's CERT as well as by the Windows maker's internal threat intelligence and research teams. As to who was abusing the security shortcoming in the first place, Microsoft pointed the finger at someone in Russia carrying out "targeted attacks against a limited number of organizations in government, transportation, energy, and military sectors in Europe."