βΌ CVE-2023-23377 βΌ
π Read
via "National Vulnerability Database".
3D Builder Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21797 βΌ
π Read
via "National Vulnerability Database".
Microsoft ODBC Driver Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21794 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Spoofing Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21812 βΌ
π Read
via "National Vulnerability Database".
Windows Common Log File System Driver Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βοΈ Microsoft Patch Tuesday, February 2023 Edition βοΈ
π Read
via "Krebs on Security".
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year's special Valentine's Day Patch Tuesday includes fixes for a whopping three different "zero-day" vulnerabilities that are already being used in active attacks.π Read
via "Krebs on Security".
Krebs on Security
Microsoft Patch Tuesday, February 2023 Edition
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year's special Valentine's Day Patch Tuesday includes fixes forβ¦
β Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEs β
π Read
via "Naked Security".
Lots of lovely patches for your Valentine's Day delight. Get 'em as soon as you can...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ 9 New Microsoft Bugs to Patch Now π΄
π Read
via "Dark Reading".
78 new CVEs patched in this month's batch β nearly half of which are remotely executable and three of which attackers already are exploiting.π Read
via "Dark Reading".
Dark Reading
9 New Microsoft Bugs to Patch Now
78 new CVEs patched in this month's batch β nearly half of which are remotely executable and three of which attackers already are exploiting.
π΄ OT Network Security Myths Busted in a Pair of Hacks π΄
π Read
via "Dark Reading".
How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.π Read
via "Dark Reading".
Dark Reading
OT Network Security Myths Busted in a Pair of Hacks
How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.
βΌ CVE-2023-23618 βΌ
π Read
via "National Vulnerability Database".
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using `gitk` (or Git GUI's "Visualize History" functionality) in clones of untrusted repositories.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21815 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-22743 βΌ
π Read
via "National Vulnerability Database".
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This potentially allows users with local write access to place malicious payloads in a location where automated upgrades might run the Git for Windows installer with elevation. Version 2.39.2 contains a patch for this issue. Some workarounds are available. Never leave untrusted files in the Downloads folder or its sub-folders before executing the Git for Windows installer, or move the installer into a different directory before executing it.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21823 βΌ
π Read
via "National Vulnerability Database".
Windows Graphics Component Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21553 βΌ
π Read
via "National Vulnerability Database".
Azure DevOps Server Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21566 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-21778 βΌ
π Read
via "National Vulnerability Database".
Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-21808 βΌ
π Read
via "National Vulnerability Database".
.NET and Visual Studio Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-25724 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21567 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-25723 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23381 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
π΄ Expel Tackles Cloud Threats With MDR for Kubernetes π΄
π Read
via "Dark Reading".
The new managed detection and response platform simplifies cloud security for Kubernetes applications.π Read
via "Dark Reading".
Dark Reading
Expel Tackles Cloud Threats With MDR for Kubernetes
The new managed detection and response platform simplifies cloud security for Kubernetes applications.