Microsoft has released updates that address up to 132 new security flaws, including six zero-day bugs that it says are being actively exploited.
According to The Hacker News, 9 out of 132 bugs are rated very serious. This is an additional patch for eight vulnerabilities that Microsoft patched in the Chromium-based Edge browser late last month.
manufacturer The Windows says it is aware of targeted attacks against defense and government organizations in Europe and North America that are attempting to exploit the CVE-2023-36884 bug using Microsoft Office documents containing malicious code with content related to Ukraine, similar to the findings from CERT-UA and BlackBerry.
Microsoft says hackers will create a Microsoft Office document that allows them to execute code remotely on the victim’s machine. However, the hacker would have to convince the victim to open the malicious file. The company linked the hacking campaign to a Russian cybercriminal group, Storm-0978, known as RomCom, Tropical Scorpius, UNC2596, and Void Rabisu
The Microsoft Threat Intelligence team says hackers also deployed the ransomware, which is closely related to the Industrial Spy ransomware, which was first discovered in May 2022. The organization’s latest campaign discovered in June 2023 exploits the CVE-2023-36884 bug to provide a backdoor similar to the RomCom group’s tactics.
Microsoft said it has taken appropriate actions to help protect customers in the form of out-of-scope security updates or through the monthly release process. In the absence of a patch for CVE-2023-36884, the company is urging users to block all Office applications from creating subprocesses (ASRs).
Microsoft also said it revoked the code signing certificate used to sign and install malicious kernel drivers on compromised systems by exploiting a Windows vulnerability to change the driver signing date. before July 29, 2015, using open-source tools.
It remains unclear how other vulnerabilities are being exploited and how widespread the attacks are. But before this situation, users should quickly apply updates from Microsoft to minimize potential threats
