Two Exploited Bugs Addressed in Microsoft’s Latest Patches

Two Exploited Bugs Addressed in Microsoft’s Latest Patches

Microsoft Releases 76 Fixes in Latest Patch Tuesday Collection.

 

Microsoft has released a collection of 76 fixes for various vulnerabilities as part of its Patch Tuesday update. Of these, two bugs are currently under active exploitation.

 

One of the bugs, CVE-2023-23415, appears to be a “ping of death” and is an ICMP remote code execution (RCE) vulnerability with a CVSS score of 9.8. Attackers can exploit this by sending a fragment inside another ICMP packet to the target. However, successful exploitation requires an application on the target to be bound to a raw TCP/IP socket.

 

Another vulnerability, CVE-2023-23397, is a Microsoft Outlook privilege escalation rated critical with a CVSS score of 9.1. This vulnerability has already been exploited in the wild and is a spoofing attack that allows attackers to access a user’s Net-NTLMv2 hash. Attackers can use this hash as a basis for an NTLM Relay attack against another service to authenticate as the user. The vulnerability is exploited by getting the Outlook client to process a malicious email and can lead to exploitation before the attack message is viewed in the Preview Pane.

 

CVE-2023-23392 is an RCE vulnerability in the Windows Server HTTP protocol stack. Microsoft has provided scant details about the bug but has noted that it first appeared in Windows Server 2022 and requires the HTTP/3 protocol to be enabled with the server using buffered I/O.

 

CVE-2023-21708 has also been rated 9.8 on the CVSS scale. It requires an unauthenticated attacker to send a specially crafted RPC call to an RPC host, allowing for remote code execution on the server side with the same permissions as the RPC service. Microsoft recommends blocking TCP port 135 at the perimeter to mitigate this vulnerability.

 

Finally, CVE-2023-23416 is rated critical but can only be exploited if the attacker gets a user to import a malicious certificate to their machine. The second vulnerability, CVE-2023-24880, only carries a CVSS score of 5.4 and is a Mark of the Web bug that allows attackers to bypass Windows SmartScreen.