Headline

CVE-2023-24943

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

1 year ago

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2023, including vulnerabilities that were added between April and May Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. It’s been a […]

1 year ago

Alexander V. Leonov

Open in Source

#vulnerability #web #windows #google #microsoft #rce #ldap #auth #chrome #blog

Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years

One of the vulnerabilities is being actively exploited in the wild, according to Microsoft, the fourth month in a row in which this is the case.

1 year ago

TALOS

Open in Source

#vulnerability #web #mac #windows #microsoft #cisco #rce #ldap #auth #zero_day

CVE-2023-24943: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** When Windows Message Queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #windows #microsoft #rce #Windows PGM #Security Vulnerability