Microsoft Patch Tuesday
Dark Lab on Apr 12 2023
Share:
On 11 April 2023, Microsoft disclosed 97 vulnerabilities in their monthly release of Patch Tuesday. Amongst the vulnerabilities disclosed, 7 were classified as successful exploitation may result in remote code execution. In addition, 1 actively exploited zero-day vulnerability (CVE-2023-28252) was disclosed.
The zero-day elevation of privilege vulnerability has been observed to be exploited by the Nokoyawa ransomware group to perform remote code execution with SYSTEM privileges.
Microsoft has released the patches for the aforementioned vulnerabilities. In most instances, no workarounds or mitigations are available.
https://msrc.microsoft.com/update-guide/vulnerability
The zero-day elevation of privilege vulnerability has been observed to be exploited by the Nokoyawa ransomware group to perform remote code execution with SYSTEM privileges.
Microsoft has released the patches for the aforementioned vulnerabilities. In most instances, no workarounds or mitigations are available.
https://msrc.microsoft.com/update-guide/vulnerability