Warning of 6 high-level and serious security vulnerabilities in Microsoft products
The Department of Information Security (ATTT), Ministry of Information and Communications, requests that agencies, organizations, and enterprises check, review, and identify computers using Windows operating systems that are likely to be affected by 6 high-level and serious security vulnerabilities in Microsoft products.
To avoid the risk of cyber attacks, the Department of Information Security, Ministry of Information and Communications, has just warned agencies, organizations and businesses about high-level and serious information security vulnerabilities in Microsoft products announced in October 2023.
Microsoft recently released its October patch list, covering 103 information security vulnerabilities in its products. Following its assessment, the Department of Information Security, specifically its National Cyber Security Monitoring Center (NCSC), recommends that units pay attention to 6 vulnerabilities.
Specifically, CVE-2023-36563 in Microsoft WordPad allows attackers to collect users' NTLM hash information, and CVE-2023-41763 in Skype for Business allows attackers to perform privilege escalation. Both of these vulnerabilities are being exploited in practice by hacker groups.
Meanwhile, CVE-2023-36434 in Windows IIS Server 2 allows attackers to perform privilege escalation, and two vulnerabilities in Microsoft Message Queuing, CVE-2023-35349 and CVE-2023-36697, allow attackers to execute remote code.
Notably, the 6 vulnerabilities in the warning include CVE-2023-36778 in Microsoft Exchange Server, which allows attackers to execute remote code.
Recently, NCSC has also released extensive warning documents about vulnerabilities affecting Microsoft Exchange Server. This shows that Microsoft Exchange Server is still the top target of attackers.
Therefore, to ensure information security for the systems of agencies and organizations, the Department of Information Security recommends that units review vulnerabilities related to Microsoft Exchange Server so they can be detected and handled in a timely manner, while strengthening monitoring to minimize the risk of being attacked through these vulnerabilities.
In particular, to ensure the safety of each unit's information systems and contribute to the safety of Vietnam's cyberspace, the Department of Information Security recommends that agencies, organizations, and businesses inspect, review, and identify computers using the Windows operating system that are likely to be affected by the 6 vulnerabilities mentioned above, and perform patch updates promptly to avoid the risk of attacks.
Agencies, organizations and businesses are also recommended to strengthen monitoring and have response plans ready for when signs of exploitation or cyber attack are detected. At the same time, they should regularly monitor the warning channels of the authorities and of major information security organizations to promptly detect cyber attack risks.
If necessary, agencies, organizations, and businesses can contact the support focal point of the Department of Information and Communications: the National Cyber Security Monitoring Center.