Oct 11, 2023

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

Posted by in categories: business, computing, security by @wirelesswench

Microsoft flagged two zero-day security vulnerabilities under active attack in October’s Patch Tuesday update, which affect Microsoft WordPad and Skype for Business. The release also features a critical-rated, wormable bug in Message Queuing that could instill terror for admins of vulnerable systems.

The two bugs are part of a cadre of 103 total CVEs addressed by the computing giant this month. The patches run the gamut of Microsoft’s portfolio, including Azure, ASP.NET, Core, and Visual Studio; Exchange Server; Office, Microsoft Dynamics, and Windows.

Appropriately for October, the number of critical-rated vulnerabilities comes in at an unlucky 13; and notably, a full 20% of the fixes in the update relate to Microsoft Message Queuing (MSMQ).

Leave a reply