Security News > 2023 > October

Patch Tuesday Microsoft on Tuesday issued more than 100 security updates to fix flaws in its products, including two bugs that are already under active attack, as well as addressing an HTTP/2 weakness that has also been exploited in the wild. CVE-2023-36563 is an information disclosure bug in Microsoft WordPad that can be exploited to steal NTLM hashes.

Microsoft warned customers this week of incorrect BitLocker drive encryption errors being shown in some managed Windows environments. The issue also only impacts environments where drive encryption is enforced for OS and fixed drives.

At the fraud trial of former FTX head Sam Bankman-Fried, prosecutors presented the jury with Python code for the FTX backend that allowed flagged client accounts to spend money they didn't have on the cryptocurrency exchange. Multiple accounts associated with Alameda Research, the hedge fund controlled by Bankman-Fried that allegedly used billions of dollars of customer deposits in FTX as a slush fund, were flagged thus, according to reported accounts of the testimony of FTX co-founder Gary Wang.

The method relies on stream multiplexing, a feature of the HTTP/2 protocol that allows multiple HTTP requests to be sent to a server on a single TCP connection. A feature of the protocol's streaming capability is the ability to send a request and soon after cancel that request, an action known as resetting the request's stream.

A Mirai-based DDoS malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others. IZ1H9 compromises devices to enlist them to its DDoS swarm and then launches DDoS attacks on specified targets, presumably on the order of clients renting its firepower.

The Exchange Team asked admins to deploy a new and "Better" patch for a critical Microsoft Exchange Server vulnerability initially addressed in August. Tracked as CVE-2023-21709 and patched during August 2023 Patch Tuesday, the security flaw enables unauthenticated attackers to escalate privileges on unpatched Exchange servers in low-complexity attacks that don't require user interaction.

Microsoft has released the KB5031356 cumulative update for Windows 10 21H2 and Windows 10 22H2, with twenty-five fixes for various issues. KB5031356 is a mandatory Windows 10 cumulative update containing the October 2023 Patch Tuesday security updates.

On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities. CVE-2023-36563, discovered by Microsoft Threat Intelligence, is a WordPad vulnerability that could allow attackers to grab NTLM hashes.

The infamous Mirai botnet was spotted by researchers who say it is spinning up again, this time with an "Aggressively updated arsenal of exploits." It's the first major update to the IZ1H9 Mirai variant in months and arrives bolstered with tools to break into devices from D-Link and Zyxel, among others.

Microsoft has released the Windows 11 22H2 KB5031354 cumulative update to fix security vulnerabilities. KB5031354 is a mandatory Windows 11 cumulative update containing the October 2023 Patch Tuesday security updates.