Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). The exploited zero-days (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487) CVE-2023-36563, discovered by Microsoft Threat Intelligence, is a WordPad vulnerability that could allow attackers to grab NTLM hashes (i.e., encrypted user passwords on Windows systems). “To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted … More →

The post …

actively exploited attackers business cve ddos don't miss encrypted exploited exploited vulnerabilities fixes for business grab hashes hot stuff intelligence microsoft microsoft exchange ntlm ntlm hashes october passwords patch patches patch tuesday security update skype threat threat intelligence trend micro tuesday vulnerabilities vulnerability windows zero-days