CONFERENCE Watch Now: Threat Detection & Incident Response (TDIR) Summit - Watch Event On-Demand
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.

zero-day flaw

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh warning that two new Windows vulnerabilities are being targeted by malware attacks in the wild.

As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation detected” category and urged Windows sysadmins to urgently apply available fixes.

The most serious of the two bugs is described as a privilege escalation flaw in Microsoft Streaming Service Proxy that carries a CVSS severity score of 7.8/10.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft cautioned. 

The Microsoft Streaming Service Proxy is part of the enterprise-facing Microsoft Stream video communications service.

Microsoft credited the discovery of the flaw to IBM X-Force security researcher Valentina Palmiotti and its internal threat-intelligence and malware-hunting teams.

The second zero-day, confirmed in Microsoft Word, is an information-disclosure issue credited to Redmond’s internal bug finders.  “Exploiting this vulnerability could allow the disclosure of NTLM hashes,” the company said.

As is customary, Microsoft did not release any additional details on the live attacks or indicators of compromise (IOCs) to help defenders hunt for signs of compromise.

Advertisement. Scroll to continue reading.

The two zero-days headline a hefty Patch Tuesday for Microsoft customers.  In all, the company shipped patches for approximately 65 documented flaws (counting by published CVEs)

The patches cover bugs in Windows operating system and software components that include Microsoft Office, Azure, Exchange Server and Windows Defender.

Related: Apple Patches Actively Exploited iOS, macOS Zero-Days

Related: Adobe Says Critical PDF Reader Zero-Day Being Exploited 

Related: Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Related: Google Patches Chrome Zero-Day Reported by Apple

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.