انتشار وصله های امنیتی ماه April مایکروسافت و رفع 97 آسیب پذیری

مایکروسافت این هفته وصله های امنیتی ماه April خود را منتشر کرد و یک آسیب پذیری مورد بهره برداری قرار گرفته Zero-day و جمعا 97 آسیب پذیری را رفع نموده است. 7 آسیب پذیری از این مجموعه در دسته آسیب پذیری های حیاتی قرار گرفته و امکان اجرا کد از راه دور را به مهاجم میدهند که از جدی ترین حفره ها محسوب می شوند.

حفره های رفع شده به صورت زیر دسته بندی می شوند:

20 Elevation of Privilege Vulnerabilities
8 Security Feature Bypass Vulnerabilities
45 Remote Code Execution Vulnerabilities
10 Information Disclosure Vulnerabilities
9 Denial of Service Vulnerabilities
6 Spoofing Vulnerabilities

آسیب پذیری zero-day وصله شده

این آسیب پذیری در حملات مورد بهره برداری قرار گرفته است و جزییات آن به صورت زیر است:

CVE-2023-28285 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

به گفته مایکروسافت مهاجمی که به صورت موفقیت آمیز از این آسیب پذیری بهره برداری کند، قادر است به مجوزهای SYSTEM دسترسی یابد.

همچنین چهار آسیب پذیری به شماره شناسایی های CVE-2023-28285, CVE-2023-28295, CVE-2023-28287 وCVE-2023-28311 در Word، Office و Publisher با امکان اجرای کد از راه دور، این ماه توسط مایکروسافت وصله شده است.
اهمیت این آسیب پذیری ها به این دلیل است که در کمپین های فیشینگ و توزیع بدافزارها میتوانند توسط مهاجمان مورد بهره برداری قرار بگیرند.

به روز رسانی های اخیر سایر شرکتها

Apple released a security updates to fix two actively exploited zero-days in iOS and macOS.
Cisco released security updates for multiple products.
Fortinet released security updates for multiple products.
Google released the Android April 2023 and Google Chrome security updates.
SAP has released its April 2023 Patch Day updates.

توصیه می شود با توجه به بهره برداری از آسیب پذیری موجود در محصولات Apple در صورتی که از این محصولات استفاده می کنید، حتما و در اسرع وقت به روز رسانی امنیت آن شرکت را انجام دهید.

در جدول زیر می توانید لیست کامل به روز رسانی های این ماه مایکروسافت را ملاحظه نمایید :

Tag	CVE ID	CVE Title	Severity
.NET Core	CVE-2023-28260	.NET DLL Hijacking Remote Code Execution Vulnerability	Important
Azure Machine Learning	CVE-2023-28312	Azure Machine Learning Information Disclosure Vulnerability	Important
Azure Service Connector	CVE-2023-28300	Azure Service Connector Security Feature Bypass Vulnerability	Important
Microsoft Bluetooth Driver	CVE-2023-28227	Windows Bluetooth Driver Remote Code Execution Vulnerability	Important
Microsoft Defender for Endpoint	CVE-2023-24860	Microsoft Defender Denial of Service Vulnerability	Important
Microsoft Dynamics	CVE-2023-28314	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Microsoft Dynamics	CVE-2023-28309	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Microsoft Dynamics 365 Customer Voice	CVE-2023-28313	Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability	Important
Microsoft Edge (Chromium-based)	CVE-2023-28284	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	Moderate
Microsoft Edge (Chromium-based)	CVE-2023-1823	Chromium: CVE-2023-1823 Inappropriate implementation in FedCM	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-28301	Microsoft Edge (Chromium-based) Tampering Vulnerability	Low
Microsoft Edge (Chromium-based)	CVE-2023-1810	Chromium: CVE-2023-1810 Heap buffer overflow in Visuals	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-24935	Microsoft Edge (Chromium-based) Spoofing Vulnerability	Low
Microsoft Edge (Chromium-based)	CVE-2023-1819	Chromium: CVE-2023-1819 Out of bounds read in Accessibility	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1818	Chromium: CVE-2023-1818 Use after free in Vulkan	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1814	Chromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe Browsing	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1821	Chromium: CVE-2023-1821 Inappropriate implementation in WebShare	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1811	Chromium: CVE-2023-1811 Use after free in Frames	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1820	Chromium: CVE-2023-1820 Heap buffer overflow in Browser History	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1816	Chromium: CVE-2023-1816 Incorrect security UI in Picture In Picture	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1815	Chromium: CVE-2023-1815 Use after free in Networking APIs	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1822	Chromium: CVE-2023-1822 Incorrect security UI in Navigation	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1813	Chromium: CVE-2023-1813 Inappropriate implementation in Extensions	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1812	Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings	Unknown
Microsoft Edge (Chromium-based)	CVE-2023-1817	Chromium: CVE-2023-1817 Insufficient policy enforcement in Intents	Unknown
Microsoft Graphics Component	CVE-2023-24912	Windows Graphics Component Elevation of Privilege Vulnerability	Important
Microsoft Message Queuing	CVE-2023-21769	Microsoft Message Queuing Denial of Service Vulnerability	Important
Microsoft Message Queuing	CVE-2023-21554	Microsoft Message Queuing Remote Code Execution Vulnerability	Critical
Microsoft Office	CVE-2023-28285	Microsoft Office Graphics Remote Code Execution Vulnerability	Important
Microsoft Office Publisher	CVE-2023-28295	Microsoft Publisher Remote Code Execution Vulnerability	Important
Microsoft Office Publisher	CVE-2023-28287	Microsoft Publisher Remote Code Execution Vulnerability	Important
Microsoft Office SharePoint	CVE-2023-28288	Microsoft SharePoint Server Spoofing Vulnerability	Important
Microsoft Office Word	CVE-2023-28311	Microsoft Word Remote Code Execution Vulnerability	Important
Microsoft PostScript Printer Driver	CVE-2023-28243	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24883	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24927	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24925	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24924	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24885	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24928	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24884	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24926	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24929	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24887	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft Printer Drivers	CVE-2023-24886	Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability	Important
Microsoft WDAC OLE DB provider for SQL	CVE-2023-28275	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28256	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28278	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28307	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28306	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28223	Windows Domain Name Service Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28254	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28305	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28308	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28255	Windows DNS Server Remote Code Execution Vulnerability	Important
Microsoft Windows DNS	CVE-2023-28277	Windows DNS Server Information Disclosure Vulnerability	Important
SQL Server	CVE-2023-23384	Microsoft SQL Server Remote Code Execution Vulnerability	Important
SQL Server	CVE-2023-23375	Microsoft ODBC and OLE DB Remote Code Execution Vulnerability	Important
SQL Server	CVE-2023-28304	Microsoft ODBC and OLE DB Remote Code Execution Vulnerability	Important
Visual Studio	CVE-2023-28299	Visual Studio Spoofing Vulnerability	Important
Visual Studio	CVE-2023-28262	Visual Studio Elevation of Privilege Vulnerability	Important
Visual Studio	CVE-2023-28263	Visual Studio Information Disclosure Vulnerability	Important
Visual Studio	CVE-2023-28296	Visual Studio Remote Code Execution Vulnerability	Important
Visual Studio Code	CVE-2023-24893	Visual Studio Code Remote Code Execution Vulnerability	Important
Windows Active Directory	CVE-2023-28302	Microsoft Message Queuing Denial of Service Vulnerability	Important
Windows ALPC	CVE-2023-28236	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows ALPC	CVE-2023-28216	Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability	Important
Windows Ancillary Function Driver for WinSock	CVE-2023-28218	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important
Windows Boot Manager	CVE-2023-28269	Windows Boot Manager Security Feature Bypass Vulnerability	Important
Windows Boot Manager	CVE-2023-28249	Windows Boot Manager Security Feature Bypass Vulnerability	Important
Windows Clip Service	CVE-2023-28273	Windows Clip Service Elevation of Privilege Vulnerability	Important
Windows CNG Key Isolation Service	CVE-2023-28229	Windows CNG Key Isolation Service Elevation of Privilege Vulnerability	Important
Windows Common Log File System Driver	CVE-2023-28266	Windows Common Log File System Driver Information Disclosure Vulnerability	Important
Windows Common Log File System Driver	CVE-2023-28252	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important
Windows DHCP Server	CVE-2023-28231	DHCP Server Service Remote Code Execution Vulnerability	Critical
Windows Enroll Engine	CVE-2023-28226	Windows Enroll Engine Security Feature Bypass Vulnerability	Important
Windows Error Reporting	CVE-2023-28221	Windows Error Reporting Service Elevation of Privilege Vulnerability	Important
Windows Group Policy	CVE-2023-28276	Windows Group Policy Security Feature Bypass Vulnerability	Important
Windows Internet Key Exchange (IKE) Protocol	CVE-2023-28238	Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability	Important
Windows Kerberos	CVE-2023-28244	Windows Kerberos Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2023-28271	Windows Kernel Memory Information Disclosure Vulnerability	Important
Windows Kernel	CVE-2023-28248	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2023-28222	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2023-28272	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2023-28293	Windows Kernel Elevation of Privilege Vulnerability	Important
Windows Kernel	CVE-2023-28253	Windows Kernel Information Disclosure Vulnerability	Important
Windows Kernel	CVE-2023-28237	Windows Kernel Remote Code Execution Vulnerability	Important
Windows Kernel	CVE-2023-28298	Windows Kernel Denial of Service Vulnerability	Important
Windows Layer 2 Tunneling Protocol	CVE-2023-28219	Layer 2 Tunneling Protocol Remote Code Execution Vulnerability	Critical
Windows Layer 2 Tunneling Protocol	CVE-2023-28220	Layer 2 Tunneling Protocol Remote Code Execution Vulnerability	Critical
Windows Lock Screen	CVE-2023-28270	Windows Lock Screen Security Feature Bypass Vulnerability	Important
Windows Lock Screen	CVE-2023-28235	Windows Lock Screen Security Feature Bypass Vulnerability	Important
Windows Netlogon	CVE-2023-28268	Netlogon RPC Elevation of Privilege Vulnerability	Important
Windows Network Address Translation (NAT)	CVE-2023-28217	Windows Network Address Translation (NAT) Denial of Service Vulnerability	Important
Windows Network File System	CVE-2023-28247	Windows Network File System Information Disclosure Vulnerability	Important
Windows Network Load Balancing	CVE-2023-28240	Windows Network Load Balancing Remote Code Execution Vulnerability	Important
Windows NTLM	CVE-2023-28225	Windows NTLM Elevation of Privilege Vulnerability	Important
Windows PGM	CVE-2023-28250	Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability	Critical
Windows Point-to-Point Protocol over Ethernet (PPPoE)	CVE-2023-28224	Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability	Important
Windows Point-to-Point Tunneling Protocol	CVE-2023-28232	Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability	Critical
Windows Raw Image Extension	CVE-2023-28291	Raw Image Extension Remote Code Execution Vulnerability	Critical
Windows Raw Image Extension	CVE-2023-28292	Raw Image Extension Remote Code Execution Vulnerability	Important
Windows RDP Client	CVE-2023-28228	Windows Spoofing Vulnerability	Important
Windows RDP Client	CVE-2023-28267	Remote Desktop Protocol Client Information Disclosure Vulnerability	Important
Windows Registry	CVE-2023-28246	Windows Registry Elevation of Privilege Vulnerability	Important
Windows RPC API	CVE-2023-21729	Remote Procedure Call Runtime Information Disclosure Vulnerability	Important
Windows RPC API	CVE-2023-21727	Remote Procedure Call Runtime Remote Code Execution Vulnerability	Important
Windows RPC API	CVE-2023-28297	Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability	Important
Windows Secure Channel	CVE-2023-24931	Windows Secure Channel Denial of Service Vulnerability	Important
Windows Secure Channel	CVE-2023-28233	Windows Secure Channel Denial of Service Vulnerability	Important
Windows Secure Socket Tunneling Protocol (SSTP)	CVE-2023-28241	Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability	Important
Windows Transport Security Layer (TLS)	CVE-2023-28234	Windows Secure Channel Denial of Service Vulnerability	Important
Windows Win32K	CVE-2023-28274	Windows Win32k Elevation of Privilege Vulnerability	Important
Windows Win32K	CVE-2023-24914	Win32k Elevation of Privilege Vulnerability	Important

منبع: https://www.bleepingcomputer.com/

#مایکروسافت

پشتیبانی 24/7 :

ورود به حساب کاربری:

پیشگیری از نشت اطلاعات (DLP)

امنیت ایمیل (Mail Security)

Sandbox

مديريت دارايی ها و پشتيبانی

احراز هویت چندعاملی (Multi-Factor Authentication)

مدیریت دسترسی ها

ESET

Kaspersky

پادویش

Endpoint Detection & Response (EDR)

Extended Detection & Response (XDR)

Mail Plus

Managed Detection and Response service (MDR)

Total Solutions

Network Detection & Response (NDR for IT & OT)

Fortinet

انتشار وصله های امنیتی ماه April مایکروسافت و رفع 97 آسیب پذیری

تیتر مطالب

آسیب پذیری zero-day وصله شده

به روز رسانی های اخیر سایر شرکتها

آسیب پذیری حیاتی در VMware vCenter Server تحت بهره برداری در حملات

رفع 91 آسیب پذیری (4 آسیب پذیری Zero-day) در آپدیت ماه نوامبر 2024 مایکروسافت

شکار تهدیدات: رویکردی پیشگیرانه برای مقابله با تهدیدات سایبری

یکی از بزرگترین ریسک های امنیتی سازمان را شناسایی و مرتفع کنید.

مهم: قابل توجه کاربران ویندوز 11 در شبکه

رفع یک آسیب پذیری حیاتی در نرم افزار بکاپ NAS توسط QNAP

شرکت فنی مهندسی ارتباط پانا

دسترسی سریع

امنیت حرفه ای

عضویت در خبرنامه

شبکه اجتماعی