Hacker's Haven
Microsoft's Massive Security Update: 75 Vulnerabilities, 3 Zero-Day Flaws, and One Urgent Message to Apply Patches Now

Microsoft's Massive Security Update: 75 Vulnerabilities, 3 Zero-Day Flaws, and One Urgent Message to Apply Patches Now

Pushkar Sharma's photo
Pushkar Sharma
·

2 min read

On Tuesday, Microsoft issued security updates for 75 vulnerabilities across its product portfolio, with three of them already being exploited. The patches come after 22 flaws were addressed in the Chromium-based Edge browser over the past month. Out of the 75 issues, nine are deemed critical, and 66 are important. Of the 75 vulnerabilities, 37 are classified as remote code execution (RCE) bugs. The actively exploited zero-day flaws are identified as CVE-2023-21715, CVE-2023-21823, and CVE-2023-23376. The three zero-day flaws could bypass Microsoft Office macro policies used to block untrusted or malicious files or obtain SYSTEM privileges. The updates also include fixes for several RCE vulnerabilities in Exchange Server, ODBC Driver, PostScript Printer Driver, and SQL Server, as well as denial-of-service (DoS) issues affecting Windows iSCSI Service and Windows Secure Channel.

It is worth noting that Microsoft OneNote for Android is vulnerable to CVE-2023-21823. Users must apply the patches as the note-taking service is becoming a platform for malware delivery. Exchange servers have proven to be attractive targets as they can provide unauthorized access to sensitive information or facilitate Business Email Compromise (BEC) attacks. Other vendors such as Adobe, AMD, Android, Apple, Atlassian, Cisco, Citrix, Dell, Drupal, F5, GitLab, Google Chrome, HP, IBM, Intel, Juniper Networks, Lenovo, Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu, MediaTek, Mozilla Firefox, Firefox ESR, and Thunderbird, NETGEAR, NVIDIA, Palo Alto Networks, Qualcomm, Samba, Samsung, SAP, Schneider Electric, Siemens, Sophos, Synology, Trend Micro, VMware, Zoho, and Zyxel have also issued software patches to address vulnerabilities.

Thank you for reading our blog today. We hope you found the information helpful and informative. If you enjoyed this blog, be sure to follow us on Twitter, Instagram, Linkedin, GitHub, Website, and Youtube for more exciting content and updates. If you have any questions or comments, please feel free to reach out to us. We would love to hear from you. Don't forget to share this with your friends and family who may also find this information useful. Thank you for your support and stay tuned for more!

Did you find this article valuable?

Support Hacker's Haven by becoming a sponsor. Any amount is appreciated!

MicrosoftvulnerabilitySecurityHashnode