Microsoft fixes 3 zero-day vulnerabilities and 104 flaws in Patch Tuesday

Microsoft's updates serve as a reminder that, in an increasingly connected world, protecting our systems and data is a responsibility we cannot afford to ignore.

Microsoft's October 2023 Patch Tuesday brought security updates for 104 flaws, including three actively exploited zero-day vulnerabilities. Of these, forty-five are remote code execution (RCE) bugs, but only twelve were rated “Critical” by Microsoft, all of them in the RCE category.

Here is a breakdown of the vulnerabilities by category:

  • Elevation of Privilege: 26 vulnerabilities
  • Security Feature Bypass: 3 vulnerabilities
  • Remote Code Execution: 45 vulnerabilities
  • Information Disclosure: 12 vulnerabilities
  • Denial of Service: 17 vulnerabilities
  • Spoofing: 1 vulnerability

Note that the total of 104 flaws does not include a Chromium vulnerability, tracked as CVE-2023-5346, which Google fixed on October 3 and which was subsequently integrated into Microsoft Edge.

Focus on the zero-day vulnerabilities

This month, Microsoft addressed three zero-day vulnerabilities:

  1. CVE-2023-41763 – This vulnerability affects Skype for Business and is classified as an elevation of privilege bug. It was revealed that Microsoft had previously declined to fix this flaw, even though it had been reported in September 2022.
  2. CVE-2023-36563 – This vulnerability in Microsoft WordPad can be exploited to steal NTLM hashes when a document is opened with the program.
  3. CVE-2023-44487 – Known as “HTTP/2 Rapid Reset”, this new DDoS attack method broke all previous records for attacks of this kind.

Updates from other vendors

In addition to Microsoft, other vendors released updates or advisories in October 2023:

  • Apple fixed two zero-day vulnerabilities with iOS 17.0.3.
  • Arm reported new flaws in the Mali GPU.
  • Cisco released updates for various products.
  • Citrix fixed a flaw in Citrix NetScaler ADC and Gateway.
  • D-Link released technical details for a zero-day in its DAP-X1860 WiFi 6 range extender.
  • Exim patched three of the six reported zero-days.
  • Google released the Android security updates for October 2023.
  • GNOME has an RCE flaw.
  • A new zero-day attack, “HTTP/2 Rapid Reset”, set new DDoS records.
  • Several Linux distributions are vulnerable because of a bug called “Looney Tunables”.
  • Microsoft also released an emergency update for Edge and Teams.
  • SAP released its October 2023 Patch Day updates.
  • New flaws, known as ShellTorch, affect the open-source AI model-serving tool TorchServe.

As systems grow more complex and interconnected, it is essential that companies and individuals stay up to date on the latest security developments and promptly apply the updates needed to protect their digital assets.

Tag | CVE ID | CVE Title | Severity
Active Directory Domain Services | CVE-2023-36722 | Active Directory Domain Services Information Disclosure Vulnerability | Important
Azure | CVE-2023-36737 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important
Azure | CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability | Important
Azure DevOps | CVE-2023-36561 | Azure DevOps Server Elevation of Privilege Vulnerability | Important
Azure Real Time Operating System | CVE-2023-36418 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important
Azure SDK | CVE-2023-36414 | Azure Identity SDK Remote Code Execution Vulnerability | Important
Azure SDK | CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability | Important
Client Server Run-time Subsystem (CSRSS) | CVE-2023-41766 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Important
HTTP/2 | CVE-2023-44487 | MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack | Important
Microsoft Common Data Model SDK | CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability | Important
Microsoft Dynamics | CVE-2023-36429 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important
Microsoft Dynamics | CVE-2023-36416 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important
Microsoft Dynamics | CVE-2023-36433 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important
Microsoft Edge (Chromium-based) | CVE-2023-5346 | Chromium: CVE-2023-5346 Type Confusion in V8 | Unknown
Microsoft Exchange Server | CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important
Microsoft Graphics Component | CVE-2023-36594 | Windows Graphics Component Elevation of Privilege Vulnerability | Important
Microsoft Graphics Component | CVE-2023-38159 | Windows Graphics Component Elevation of Privilege Vulnerability | Important
Microsoft Office | CVE-2023-36565 | Microsoft Office Graphics Elevation of Privilege Vulnerability | Important
Microsoft Office | CVE-2023-36569 | Microsoft Office Elevation of Privilege Vulnerability | Important
Microsoft Office | CVE-2023-36568 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Important
Microsoft QUIC | CVE-2023-38171 | Microsoft QUIC Denial of Service Vulnerability | Important
Microsoft QUIC | CVE-2023-36435 | Microsoft QUIC Denial of Service Vulnerability | Important
Microsoft WDAC OLE DB provider for SQL | CVE-2023-36577 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important
Microsoft Windows Media Foundation | CVE-2023-36710 | Windows Media Foundation Core Remote Code Execution Vulnerability | Important
Microsoft Windows Search Component | CVE-2023-36564 | Windows Search Security Feature Bypass Vulnerability | Important
Microsoft WordPad | CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability | Important
Skype for Business | CVE-2023-36786 | Skype for Business Remote Code Execution Vulnerability | Important
Skype for Business | CVE-2023-36780 | Skype for Business Remote Code Execution Vulnerability | Important
Skype for Business | CVE-2023-36789 | Skype for Business Remote Code Execution Vulnerability | Important
Skype for Business | CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability | Important
SQL Server | CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability | Important
SQL Server | CVE-2023-36417 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | Important
SQL Server | CVE-2023-36785 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important
SQL Server | CVE-2023-36598 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | Important
SQL Server | CVE-2023-36730 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important
SQL Server | CVE-2023-36420 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important
Windows Active Template Library | CVE-2023-36585 | Active Template Library Denial of Service Vulnerability | Important
Windows AllJoyn API | CVE-2023-36709 | Microsoft AllJoyn API Denial of Service Vulnerability | Important
Windows Client/Server Runtime Subsystem | CVE-2023-36902 | Windows Runtime Remote Code Execution Vulnerability | Important
Windows Common Log File System Driver | CVE-2023-36713 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important
Windows Container Manager Service | CVE-2023-36723 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important
Windows Deployment Services | CVE-2023-36707 | Windows Deployment Services Denial of Service Vulnerability | Important
Windows Deployment Services | CVE-2023-36567 | Windows Deployment Services Information Disclosure Vulnerability | Important
Windows Deployment Services | CVE-2023-36706 | Windows Deployment Services Information Disclosure Vulnerability | Important
Windows DHCP Server | CVE-2023-36703 | DHCP Server Service Denial of Service Vulnerability | Important
Windows Error Reporting | CVE-2023-36721 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important
Windows HTML Platform | CVE-2023-36436 | Windows MSHTML Platform Remote Code Execution Vulnerability | Important
Windows HTML Platform | CVE-2023-36557 | PrintHTML API Remote Code Execution Vulnerability | Important
Windows IIS | CVE-2023-36434 | Windows IIS Server Elevation of Privilege Vulnerability | Important
Windows IKE Extension | CVE-2023-36726 | Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability | Important
Windows Kernel | CVE-2023-36576 | Windows Kernel Information Disclosure Vulnerability | Important
Windows Kernel | CVE-2023-36712 | Windows Kernel Elevation of Privilege Vulnerability | Important
Windows Kernel | CVE-2023-36698 | Windows Kernel Security Feature Bypass Vulnerability | Important
Windows Layer 2 Tunneling Protocol | CVE-2023-41770 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41765 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41767 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-38166 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41774 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41773 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41771 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41769 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Layer 2 Tunneling Protocol | CVE-2023-41768 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical
Windows Mark of the Web (MOTW) | CVE-2023-36584 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important
Windows Message Queuing | CVE-2023-36571 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36570 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36431 | Microsoft Message Queuing Denial of Service Vulnerability | Important
Windows Message Queuing | CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical
Windows Message Queuing | CVE-2023-36591 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36590 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36589 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36583 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36592 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36697 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical
Windows Message Queuing | CVE-2023-36606 | Microsoft Message Queuing Denial of Service Vulnerability | Important
Windows Message Queuing | CVE-2023-36593 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36582 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36574 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36575 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36573 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36572 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Message Queuing | CVE-2023-36581 | Microsoft Message Queuing Denial of Service Vulnerability | Important
Windows Message Queuing | CVE-2023-36579 | Microsoft Message Queuing Denial of Service Vulnerability | Important
Windows Message Queuing | CVE-2023-36578 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important
Windows Microsoft DirectMusic | CVE-2023-36702 | Microsoft DirectMusic Remote Code Execution Vulnerability | Important
Windows Mixed Reality Developer Tools | CVE-2023-36720 | Windows Mixed Reality Developer Tools Denial of Service Vulnerability | Important
Windows Named Pipe File System | CVE-2023-36729 | Named Pipe File System Elevation of Privilege Vulnerability | Important
Windows Named Pipe File System | CVE-2023-36605 | Windows Named Pipe Filesystem Elevation of Privilege Vulnerability | Important
Windows NT OS Kernel | CVE-2023-36725 | Windows Kernel Elevation of Privilege Vulnerability | Important
Windows Power Management Service | CVE-2023-36724 | Windows Power Management Service Information Disclosure Vulnerability | Important
Windows RDP | CVE-2023-36790 | Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability | Important
Windows RDP | CVE-2023-29348 | Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | Important
Windows Remote Procedure Call | CVE-2023-36596 | Remote Procedure Call Information Disclosure Vulnerability | Important
Windows Resilient File System (ReFS) | CVE-2023-36701 | Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important
Windows Runtime C++ Template Library | CVE-2023-36711 | Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | Important
Windows Setup Files Cleanup | CVE-2023-36704 | Windows Setup Files Cleanup Remote Code Execution Vulnerability | Important
Windows TCP/IP | CVE-2023-36438 | Windows TCP/IP Information Disclosure Vulnerability | Important
Windows TCP/IP | CVE-2023-36603 | Windows TCP/IP Denial of Service Vulnerability | Important
Windows TCP/IP | CVE-2023-36602 | Windows TCP/IP Denial of Service Vulnerability | Important
Windows TPM | CVE-2023-36717 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Important
Windows Virtual Trusted Platform Module | CVE-2023-36718 | Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | Critical
Windows Win32K | CVE-2023-36731 | Win32k Elevation of Privilege Vulnerability | Important
Windows Win32K | CVE-2023-36732 | Win32k Elevation of Privilege Vulnerability | Important
Windows Win32K | CVE-2023-36776 | Win32k Elevation of Privilege Vulnerability | Important
Windows Win32K | CVE-2023-36743 | Win32k Elevation of Privilege Vulnerability | Important
Windows Win32K | CVE-2023-41772 | Win32k Elevation of Privilege Vulnerability | Important
