www.helpnetsecurity.com
52.10.66.75  Public Scan

URL: https://www.helpnetsecurity.com/2023/06/13/june-2023-patch-tuesday/
Submission: On June 14 via api from TR — Scanned from DE

Text Content

Zeljka Zorz, Editor-in-Chief, Help Net Security
June 13, 2023


JUNE 2023 PATCH TUESDAY: CRITICAL PATCHES FOR MICROSOFT WINDOWS, SHAREPOINT,
EXCHANGE



For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for
once, none of the fixed vulnerabilities are currently exploited by attackers nor
were publicly known before today!



Microsoft has previously fixed CVE-2023-3079, a type confusion vulnerability in
Chromium’s V8 JavaScript engine, which was spotted being exploited by attackers
to target Chrome users. Since Microsoft’s Edge browser is based on Chromium’s
open-source codebase, Microsoft pushed out a patch on June 6, and the
accompanying advisory is out today.


VULNERABILITIES OF NOTE

Dustin Childs, head of threat awareness at Trend Micro Inc.’s Zero Day
Initiative, has singled out CVE-2023-29357, a critical elevation of privilege
(EoP) vulnerability in Microsoft SharePoint Server 2019, as deserving express
patching.

“This bug was one of the bugs chained together during the Pwn2Own Vancouver
contest held back in March. This particular bug was used to bypass
authentication due to a flaw within the ValidateTokenIssuer method,” he noted.

Jason Kikta, CIO/CISO at Automox, explained further: “An attacker who gains
access to spoofed JWT authentication tokens can then use them to execute a
network attack, which bypasses authentication and allows them to gain access to
the privileges of an authenticated user. The attacker needs no privileges nor
does the user need to perform any action.”

“Exfiltration of sensitive information is a priority for both criminal and state
espionage actors. Therefore, mass exploitation against public-facing SharePoint
instances in the near future is likely. Further, an actor is likely to exploit
this vulnerability shortly after gaining access to a given internal corporate
system, which reduces the potential response time before data is stolen. On-prem
customers who have enabled the AMSI feature are protected from this
vulnerability, but all others should patch within 24 hours to avoid
exploitation.”

Three distinct vulnerabilities (CVE-2023-29363, CVE-2023-32014, CVE-2023-32015)
affecting the Windows Pragmatic General Multicast (PGM) protocol installed with
the message queuing (MSMQ) service could allow a remote, unauthenticated
attacker to execute code on an affected system and should also be patched
quickly.

“While not enabled by default, PGM isn’t an uncommon configuration. Let’s hope
these bugs get fixed before any active exploitation starts,” Childs pointed out.

Then there’s CVE-2023-32031 – an RCE in Microsoft Exchange Server (2016 and
2019).

The attacker must be authenticated to exploit it, but if that requirement is
fulfilled, the attacker could attempt to trigger malicious code in the context
of the server’s account through a network call.

“With low attack complexity and privileges and no user interaction required, we
recommend patching this one and CVE-2023-28310 within 24 hours to avoid
exploitation,” Kikta advised.

“Both flaws are rated as important but are considered more likely to be
exploited compared to some of the other vulnerabilities patched this month,”
Satnam Narang, senior staff research engineer at Tenable, told Help Net
Security.

“Unlike past Microsoft Exchange Server flaws that were rated higher and did not
require authentication, these vulnerabilities require an attacker to be
authenticated. That said, attackers can still potentially exploit these flaws if
they’re able to obtain valid credentials, which is not as difficult as you’d
expect.”



