For an in-depth look at the situation, including Sophos X-Ops’ role in its discovery, please see the accompanying article Microsoft has also published a Knowledge Base article on the matter. ADV230001, “Guidance on Microsoft Signed Drivers Being Used Maliciously,” addresses an issue under sustained active exploit for multiple products. Microsoft is also publishing three advisories that bear a closer look. NET share a patch and each takes another one of their own. Azure takes four, though two of those are shared with Windows as noted above. Office takes 10 patches, including three that it shares with Outlook, one that it shares with Windows as noted above, and one that it shares with Access. As usual, the largest number of addressed vulnerabilities affect Windows with 105 CVEs, including two that also affect Azure and one (CVE-2023-36884) that also affects Office. Microsoft on Tuesday released patches for 130 vulnerabilities, including eight critical-severity issues in Windows and two in SharePoint. Initially posted at 18:38 UTC on 11 July 2023] Version 2 published 18:25 UTC, 14 July 2023, adding information on CVE-2023-36884 and updating totals throughout.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |