![]() ![]() This month’s release also included information on four Important-severity GitHub CVEs affecting Visual Studio. Exploitation more likely in older versions: 1įigure 1: As it did last month, remote code execution issues make up the largest portion of March 2023’s patches from Microsoft.Exploitation more likely in latest version: 6.However, Microsoft cautions that seven of the issues addressed are more likely to be exploited in either the latest or earlier versions of the affected product soon (that is, within the next 30 days).Īnd surprises happen, after all: Microsoft is currently contending with not one but two publicly revealed proofs of concept for recently patched issues - January’s CVE-2023-21768 and February’s CVE-2023-21716 – the latter of which was dubbed “less likely” to be exploited soon when the patch was released just 28 days ago. In an unusually wide-ranging month, there are also patches for other platforms entirely – Android (3), iOS (1), and macOS (1).Īt patch time, just one of the issues this month has been publicly disclosed, and only two appear to be under exploit in the wild: CVE-2023-23397, an Important-severity spoofing issue in Outlook, and CVE-2023-24880, a Moderate-severity security feature bypass in Windows SmartScreen. Dynamics follows with 6 CVEs followed by Office (4), Azure and SharePoint (2 each), and MMPE (1). As is the custom, the largest number of addressed vulnerabilities affect Windows, with 54 CVEs. ![]() ![]() Microsoft on Tuesday released patches for 73 vulnerabilities in ten product families, including 6 Critical-severity issues in Windows. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |