Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in an advisory, crediting researchers Boris Larin, Genwei Jiang, and Quan Jin for reporting the issue.
According to Russian cybersecurity firm Kaspersky, the vulnerability has been weaponized by a cybercrime group to deploy Nokoyawa ransomware against small and medium-sized businesses in the Middle East, North America, and Asia.
In light of ongoing exploitation of the flaw, CISA added the Windows zero-day to its catalog of Known Exploited Vulnerabilities, ordering Federal Civilian Executive Branch agencies to secure their systems by May 2, 2023.
Microsoft has also updated its advisory for CVE-2013-3900, a WinVerifyTrust signature validation vulnerability, to include the following Server Core installation versions -.
In addition to Microsoft, security updates have also been released by other vendors in the last few weeks to rectify several vulnerabilities, including -.
News URL
https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-11 | CVE-2013-3900 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products. Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. | 8.8 |