Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Patch Tuesday, October 2023 Edition

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.

Krebs on Security
#vulnerability#web#ios#windows#apple#google#microsoft#amazon#ddos#dos#rce#auth#zero_day#chrome#blog
GHSA-fr44-546p-7xcp: MsQuic Remote Denial of Service Vulnerability

### Impact The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service. ### Patches The following patch was made: - Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/d364feeda0dd8b729eca6fef149c1ef98630f0cb ### Workarounds Beyond upgrading to the patched versions, there is no other workaround.

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

October's CVE update is here. Here's which security vulnerabilities to patch now to exorcise your Microsoft systems demons.

Google Makes Passkeys Default for All Users

By Waqas Goodbye Passwords, or Not Yet? This is a post from HackRead.com Read the original post: Google Makes Passkeys Default for All Users

GHSA-xh5m-8qqp-c5x7: Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel

### Impact The MsQuic server application or process will crash, resulting in a denial of service. ### Patches The following patch was made: - Don't Allow Version Negotiation Packets for Server Connections - https://github.com/microsoft/msquic/commit/3226cff07d22662f16fc98d605656860e64cd343 ### Workarounds Beyond upgrading to the patched versions, there is no other workaround. You must upgrade or disable MsQuic functionality.

CVE-2023-31096: kernel driver bughunting: exploiting a stack-based buffer overflow

An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.

CVE-2023-36565

Microsoft Office Graphics Elevation of Privilege Vulnerability

CVE-2023-36566

Microsoft Common Data Model SDK Denial of Service Vulnerability

CVE-2023-36730

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2023-36728

Microsoft SQL Server Denial of Service Vulnerability