Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

Aug 9, 2023 08:00 pm Cyber Security 172
Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

by

The August 2023 Microsoft security updates are out (the first day of the month was a Tuesday, making this month’s Patch Tuesday as early as ever it can be), with 74 CVE-numbered bugs fixed.


Intriguingly, if not confusingly, Microsoft’s offical bug listing page is topped by two special items dubbed Exploitation Detected.


That terminology is Microsoft’s usual euphemistic reworking of the word zero-day, typically denoting bugs that were first found and exploited by cyberattackers, and only then reported to and patched by the Good Guys.


But neither of those items line up directly with any of of this month’s CVE numbers, appearing simply as:


  • Microsoft Office: ADV230003. Exploitation detected. Workarounds: No. Mitigations: No.

  • Memory Integrity System Readiness Scan Tool: ADV230004. Exploitation detected. Workarounds: No. Mitigations: No.


    • Mark of the Web problems


    Apparently, the above Office advisory relates to follow-up security improvements in Office to deal with CVE-2023-36884, which was a zero-day until last month, when it was patched in the July 2023 security updates.


    That bug related to Microsoft’s so-called Mark of the Web (MotW), also known as the Internet Zone system, whereby files that arrive via the internet, for example as saved emai ..

    Support the originator by clicking the read the rest link below.

    microsoft patch tuesday exploit detected advisories
    Read The Rest from the original source
    nakedsecurity.sophos.com

    Related News

    Be in Touch

    All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
    Powered By The Internet!!!!