In its May Patch Tuesday, Microsoft announces 2 already-exploited zero-day vulnerabilities among the 60 fixed


Mélina LOUPIA

May 15, 2024 at 2:56 p.m.

Windows has undergone some fixes for this May 2024 Patch Tuesday - © MardeFondos / Shutterstock

After the discovery of two critical flaws that were massively exploited, Microsoft had to take action during its Patch Tuesday in May. In total, 60 vulnerabilities were urgently closed, some affecting very popular products like Windows or Office.

Cybersecurity is never a battle won in advance, even for a giant like Microsoft. Last Tuesday, the Redmond firm rolled out a new round of fixes, almost half as many as for April 2024, as part of its traditional monthly update cycle, the famous Patch Tuesday.

This time, the teams had to tackle no fewer than 60 newly discovered security vulnerabilities across their various products and services. A heavy workload, explained in particular by the need to fix as quickly as possible two critical flaws already massively exploited by hackers.

Among the vulnerabilities patched, some affected products particularly popular with businesses and individuals, such as the Windows OS, the Office suite tools or even the Edge and Internet Explorer browsers. Enough to underline once again the crucial importance of applying these security updates without delay if you are equipped with Microsoft products.

From Windows to Office, Microsoft’s star products put to the test

Like every month, this new batch of patches published by Microsoft aims to fix multiple security vulnerabilities across a wide variety of products, as demonstrated by the recent patch aimed at correcting VPN connection problems. And on this Patch Tuesday, once again, some of the firm’s most popular products are affected by rather worrying vulnerabilities.

On the Windows OS, which is particularly exposed, no fewer than 15 flaws have been resolved. The majority allow hackers to escalate their privileges on a compromised device. But two of them (CVE-2023-29399 and CVE-2023-29241) are classified as critical because they open the way to malicious code execution. Microsoft therefore strongly encourages users to patch them as a priority.

The different versions of the Edge browser (the standard version, the one dedicated to businesses, or IE compatibility) were not spared either, with 8 flaws in total. Some would allow privilege escalation, while others would facilitate the leaking of sensitive information.

The same goes for Office, with 9 vulnerabilities listed across the different applications of the office suite (Word and its “copy and paste” finally operational, Excel, PowerPoint, etc.). One of them (CVE-2023-29355) was even deemed critical by Microsoft, again because of a risk of malicious code execution. Companies dependent on these products therefore have every interest in applying the patches as quickly as possible.

The Office suite particularly affected by this Patch Tuesday in May 2024 - © RoseLife_Family / Shutterstock

Two critical zero-day flaws exploited for cyberattacks

While the scale of May's Patch Tuesday illustrates the constant challenges of cybersecurity, Microsoft above all had to focus as a priority on two critical flaws already exploited in the wild: two so-called zero-day vulnerabilities that were evidently used by cybercriminals even before adequate patches were published.

The first (CVE-2023-28236) is a local elevation of privilege vulnerability affecting Windows servers, but also recent, updated client versions. Without going into technical details, it allowed hackers to obtain unlimited rights on a compromised system by bypassing the protections in place.

According to analyses by the cybersecurity company Mandiant, this zero-day flaw has been exploited since at least April 2023 by a group of hackers called UNC4890. Their targets? Companies from different sectors of activity, apparently with the aim of economic espionage and theft of sensitive data.

The other critical flaw (CVE-2023-28349) lies in the remote administration tool of the Windows operating system. This time, it was detected as actively exploited by financially motivated cybercriminals. The Bohrium group is suspected of having used this zero-day flaw to deploy ransomware.

So, time to install your updates.

Source: Hacker News, Secure List
