Microsoft Outlook (CVE-2023-23397) has been exploited in zero-day attacks

With Patch Tuesday for March 2023, Microsoft addresses a critical, exploited Outlook bug: a CVSS 9.8 pre-auth RCE. How attackers exploit this vulnerability on vulnerable versions of Outlook: attackers can exploit CVE-2023-23397 by sending a specially crafted email to a vulnerable version of Outlook, which forces a connection from the victim’s device to an external UNC location

Exchange Emergency Mitigation (EM) service

When you install the September 2021 CU (or later) on Exchange Server 2016 or Exchange Server 2019, the EM service will be installed automatically on servers with the Mailbox role. Microsoft Exchange Emergency Mitigation (EM) provides the fastest and easiest way to temporarily resolve threats to connected on-premise Exchange servers before your IT security team

New Microsoft Exchange zero-day actively (RCE+SSRF) exploited in attacks

UPDATE: Microsoft added updates. The tech giant has revised the blocking rule in IIS Manager from “.*autodiscover\.json.*Powershell.*” to “(?=.*autodiscover\.json)(?=.*powershell).” Also, change the Condition input from {URL} to {UrlDecode:{REQUEST_URI}} and then click OK. On Thursday, September 29, a Vietnamese security firm called GTSC published information and IOCs on what they claim is a pair of unpatched Microsoft Exchange Server

How to hide group members in Azure AD

To hide group members, the HiddenGroupMembershipEnabled switch can be used. HiddenGroupMembershipEnabled specifies whether to hide the members of the Microsoft 365 Group from users who aren’t members of the group. You don’t need to specify a value with this switch. You can’t change this setting after you create the group. If you create a group

Microsoft May Patch Updates Cause Windows AD Authentication Errors

Some May 2022 Microsoft security updates are leading to authentication failures. Microsoft reported: “After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP),”.

Released: May 2022 Exchange Server Security Updates

Microsoft released an SU for Exchange servers. Starting with this release of Security Updates, Microsoft is releasing updates in a self-extracting, auto-elevating .exe package. These SUs are available for the following specific builds of Exchange Server: Exchange Server 2013 CU23; Exchange Server 2016 CU22 and CU23; Exchange Server 2019 CU11 and CU12. Manual run of /PrepareAllDomains is required: Because of additional

2022 MITRE ATT&CK Evaluations

Released March 31, 2022, the MITRE Engenuity ATT&CK® Evaluations covered 30 vendors and emulated the Wizard Spider and Sandworm threat groups. Two key measurements that are generated from the testing are Overall Detection and Overall Protection. About MITRE Engenuity MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven

Microsoft March 2022 Patch Tuesday – fixes 71 flaws, 3 zero-days

Microsoft has fixed 71 vulnerabilities with three classified as Critical. Three of the bugs are listed as publicly known zero-days, but none of them are listed as having been exploited in the wild (thus far): CVE-2022-21990 – Remote Desktop Client Remote Code Execution Vulnerability; CVE-2022-24459 – Windows Fax and Scan Service Elevation of Privilege Vulnerability; CVE-2022-24512 – .NET

Microsoft February 2022 Security Updates

Microsoft has fixed 48 vulnerabilities, and with them comes a fix for one zero-day vulnerability: CVE-2022-21989 – Windows Kernel Elevation of Privilege Vulnerability. This release consists of security updates for the following products, features and roles: Azure Data Explorer, Kestrel Web Server, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Edge (Chromium-based), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook

January 2022 updates causing unexpected reboots

Update (18/1/22): Microsoft released OOB updates; they are available for download on the Microsoft Update Catalog, and some of them can also be installed directly through Windows Update as optional updates. Microsoft Update Catalog. UPDATE (17/1/22): Microsoft has confirmed they are investigating the issues. The updates are removed from Windows Update, but they are available