![]() ![]() The hash can be leveraged to carry out an NTLM Relay attack against another service to authenticate as the user. Microsoft is aware of the active exploitation of this vulnerability that could allow an attacker to access a user’s Net-NTLMv2 hash. Zero-day Vulnerabilities Patched in March Patch Tuesday Edition CVE-2023-23397 – Microsoft Outlook Elevation of Privilege Vulnerability Adobe anticipates that they won’t be exploited in the future. All the other advisories have a priority rating of 3 from Adobe, meaning none of the other vulnerabilities are known to be currently exploited. Adobe ColdFusion (APSB23-25) has a Priority rating of 1 because Adobe is aware that CVE-2023-26360 is being exploited in the wild. The advisories cover a total of 101 vulnerabilities, out of which 60 are rated critical that affect Adobe Commerce and Magento (4), Adobe Illustrator (4), Adobe Dimension (40), Adobe Creative Cloud (1), Adobe Photoshop (1), Adobe ColdFusion (2), and Adobe Substance 3D Stager (11). ![]() The March 2023 Microsoft vulnerabilities are classified as follows: Vulnerability CategoryĪdobe has released a total of 8 advisories for the month of March. ![]() Microsoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, and Spoofing. This month’s Patch Tuesday edition includes updates for vulnerabilities in Microsoft Office and Components Microsoft Dynamics, Microsoft OneDrive, Microsoft Windows Codecs Library, Client Server Runtime Subsystem (CSRSS), Internet Control Message Protocol (ICMP), Microsoft PostScript Printer Driver. Out of the 101 vulnerabilities, nine are rated as critical, 70 as important, and one as moderate. CISA has also added those two vulnerabilities, CVE-2023-24880 and CVE-2023-23397, to its Known Exploitable Vulnerabilities Catalog after Microsoft released this month’s Patch Tuesday update. Microsoft has also addressed two zero-day vulnerabilities known to be exploited in the wild. Microsoft has addressed 101 vulnerabilities in the month of March, including 22 Microsoft Edge (Chromium-based) vulnerabilities. Let’s go through this month’s Patch Tuesday details and discuss the security updates. This month’s updates addressed various vulnerabilities in different products. Microsoft has released its monthly security update for March 2023. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |