156 Articles
8 Categories
Date: 2023-07-11

🐛 COMMON VULNERABILITIES AND EXPOSURES (136)
11 Jul: CVE-2023-21756 Windows Win32k Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33148 Microsoft Office Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33150 Microsoft Office Security Feature Bypass Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33152 Microsoft ActiveX Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33153 Microsoft Outlook Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-32042 OLE Automation Information Disclosure Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-32047 Paint 3D Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: ADV230002 Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules [MSRC.MICROSOFT.COM]
Trend Micro has released [CVE-2023-28005](https://success.trendmicro.com/dcx/s/solution/000292473?language=en_US) to address a secure boot bypass. Subsequently Microsoft has released the July Windows security updates to block the vulnerable UEFI modules by using the DBX (UEFI Sec…

11 Jul: CVE-2023-32050 Windows Installer Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35323 Windows OLE Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35329 Windows Authentication Denial of Service Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35337 Win32k Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35339 Windows CryptoAPI Denial of Service Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35344 Windows DNS Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35345 Windows DNS Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35346 Windows DNS Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35356 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35357 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35358 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35360 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35361 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35363 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35364 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-21526 Windows Netlogon Information Disclosure Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-29347 Windows Admin Center Spoofing Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33158 Microsoft Excel Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33159 Microsoft SharePoint Server Spoofing Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33161 Microsoft Excel Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-33162 Microsoft Excel Information Disclosure Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-32052 Microsoft Power Apps (online) Spoofing Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-32053 Windows Installer Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-32084 HTTP.sys Denial of Service Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35298 HTTP.sys Denial of Service Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35304 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35305 Windows Kernel Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35310 Windows DNS Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-35374 Paint 3D Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Information published.

11 Jul: CVE-2023-29356 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2023-32025 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2023-32026 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2023-32027 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2023-32028 Microsoft OLE DB Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2023-29349 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability [MSRC.MICROSOFT.COM]
Added an FAQ to inform customers who have installed Microsoft SQL Server 2022 for x64-based Systems (GDR) or Microsoft SQL Server 2019 for x64-based Systems (GDR) are vulnerable. Microsoft recommends updating to the latest cumulative update to be protected from this vulnerability…

11 Jul: CVE-2022-37967 Windows Kerberos Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Microsoft is announcing the release of the fourth phase of Windows security updates to address this vulnerability. These updates remove the ability to set value 1 for the KrbtgtFullPacSignature subkey, and enable the Enforcement mode (Default) (KrbtgtFullPacSignature = 3) which c…

11 Jul: CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability [MSRC.MICROSOFT.COM]
Microsoft is announcing the release of the fourth phase of Windows security updates to address this vulnerability. The July 2023 updates remove the ability to set value 1 to the RequireSeal registry subkey and enables the Enforcement phase. Please see [How to manage Netlogon Prot…

11 Jul: Storm-0978 attacks reveal financial and espionage motives [MICROSOFT.COM]
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability…

⚠️ VULNERABILITY DISCLOSURE (6)
11 Jul: Enhanced Monitoring to Detect APT Activity Targeting Outlook Online [CISA.GOV]
SUMMARY: In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft det…

11 Jul: Critical Patches Issued for Microsoft Products, July 11, 2023 [CISECURITY.ORG]
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…

11 Jul: Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution [CISECURITY.ORG]
Multiple vulnerabilities have been discovered in Adobe Products, the most severe of which could allow for arbitrary code execution. Adobe InDesign is a desktop publishing and page layout designing software. Adobe ColdFusion is a commercial rapid web-application development comput…

11 Jul: Apple & Microsoft Patch Tuesday, July 2023 Edition [KREBSONSECURITY.COM]
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: O…

11 Jul: ADV230001 Guidance on Microsoft Signed Drivers Being Used Maliciously [MSRC.MICROSOFT.COM]
Executive Summary: Microsoft was recently informed that drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) were being used maliciously in post-exploitation activity. In these attacks, the attacker gained administrative privileges on compromised systems…

11 Jul: Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs [NAKEDSECURITY.SOPHOS.COM]
submitted by IllNess to securitynews 16 points | 1 comments https://nakedsecurity.sophos.com/2023/07/11/urgent-apple-fixes-critical-zero-day-hole-in-iphones-ipads-and-macs/ There are Rapid Security Responses for the latest versions of macOS Ventura 13.4.1, iOS 16.5.1 and iPadOS 1…

📋 SECURITY BULLETINS (2)
11 Jul: Microsoft Revokes Malicious Drivers in Patch Tuesday Culling [SOPHOS.COM]
In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft is…

11 Jul: Update 1: July’s Patch Tuesday: A rich harvest [SOPHOS.COM]
Over a hundred Windows patches, a high-impact advisory, and a guest appearance by… Internet Explorer?!

📢 SECURITY ADVISORIES (1)
11 Jul: ADV990001 Latest Servicing Stack Updates [MSRC.MICROSOFT.COM]
Advisory updated to announce new versions of Servicing Stack Updates are available. Please see the FAQ for details.

🔥 INCIDENT REPORTING (1)
11 Jul: Vermillion - 8,106 breached accounts [HAVEIBEENPWNED.COM]
In August 2014, the Roblox hacking forum Vermillion suffered a data breach that exposed over 8k subscriber records. The breach of the MyBB forum exposed email and IP addresses, usernames, dates of birth and salted password hashes.

🕵️ THREAT INTELLIGENCE (6)
11 Jul: Privacy of Printing Services [SCHNEIER.COM]
The Washington Post has an article about popular printing services, and whether or not they read your documents and mine the data when you use them for printing: Ideally, printing services should avoid storing the content of your files, or at least delete daily. Print services sh…

11 Jul: Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID [MICROSOFT.COM]
Microsoft Entra is unifying identity and network access with a new Security Service Edge (SSE) solution and more identity innovations. The post Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID appeared first on Microsoft Security Blog.

11 Jul: Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email [MSRC.MICROSOFT.COM]
UPDATE: Microsoft has released threat analysis on Storm-0558 activity here. Microsoft additionally released additional defense-in-depth security fixes to help customers improve token validation in their custom applications. Microsoft has mitigated an attack by a China-based threa…

11 Jul: INTERSECT Network Security Summit 2023: Where Insight Meets Innovation [PALOALTONETWORKS.COM]
Join the INTERSECT Network Security Summit 2023 and discover why modern network security is crucial to today’s global organization. The post INTERSECT Network Security Summit 2023: Where Insight Meets Innovation appeared first on Palo Alto Networks Blog.

11 Jul: 'ShadowVault' macOS malware steals passwords, crypto, credit card data [MACWORLD.COM]
submitted by Mustafaalbazy to security 14 points | 0 comments https://www.macworld.com/article/1989180/new-shadowvault-macos-malware-steals-passwords-crypto-credit-card-data.html

11 Jul: Shortening the Let's Encrypt Chain of Trust [LETSENCRYPT.ORG]
submitted by canpolat to security 13 points | 0 comments https://letsencrypt.org/2023/07/10/cross-sign-expiration.html

🌐 CYBER THREAT LANDSCAPE (2)
11 Jul: Hunting for A New Stealthy Universal Rootkit Loader [TRENDMICRO.COM]
In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module.

11 Jul: ESET Threat Report H1 2023 [WELIVESECURITY.COM]
A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

📡 INFOSEC NEWS (2)
11 Jul: Sophos Announces Partnership With Cysurance [SOPHOS.COM]
Providing unique, fixed-price cyber insurance to organizations using Sophos Managed Detection and Response (MDR)

11 Jul: Guide to Operationalizing Zero Trust [TRENDMICRO.COM]
Zero Trust is no longer a buzzword but an essential element in enterprise security architecture. Operating on the 'never trust, always verify' principle, Zero Trust plays a vital role in protecting enterprise assets and data. However, operationalizing Zero Trust can be challengin…