Hello, welcome to the Wednesday, August 9, 2020, 3 edition of the Sandtonet Storm Center's

Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Well, it's Microsoft Patch Tuesday, so of course we do have to start here with Microsoft's

patches that were released today.

88 vulnerabilities being addressed, which includes the chromium vulnerabilities.

Six of these are critical and two are already being exploited.

Third one is not exploited, but has been made public already.

The most interesting part here is an advisory, actually not a patch,

that Microsoft released Advisory 230-003,

and this is in relation to CVE 2023-36884. This vulnerability was mentioned in last month's Microsoft

updates, but no patch was provided. Instead, Microsoft did offer a number of workarounds.

Microsoft now, first of all, gave us more details. This particular

vulnerability is related to the Windows search feature. And yes, as sort of expected back

in July, this is related to the mark of the web, where essentially an attacker could trick

a user to open a document and there would

be no warning that this executable was actually downloaded from the internet. We still don't really

have a patch for this instead, an advisory 23003 this advisory just breaks the exploit change chain as it states here

in the advisory not exactly sure what exactly it blocks here so without knowing that it's also

of course hard to assess if this could

possibly be bypassed. Again, do apply these patches. They're actively being exploited by what

Microsoft calls the Storm 3978 crew. Then inexploited vulnerabilities. We do have denial of service vulnerability in Dotnet Visual Studio.

Apparently, this affects the Kestral web server that is being included with dot net.

...