ISC StormCast for Wednesday, November 15th, 2023
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 15 November 2023
⏱️ 7 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Wednesday, November 15th, 2023 edition of the Sansonet Storm Center's |
| 0:07.3 | Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida. |
| 0:13.9 | It's Microsoft Patch Tuesday, so let's dive right in. We got patches for 64 different vulnerabilities in Microsoft products. |
| 0:24.9 | There were 14 vulnerabilities affecting chromium and with that Microsoft Edge. |
| 0:30.5 | There were also five vulnerabilities mentioned in the patch Tuesday release that are really Linux vulnerabilities and they affect |
| 0:39.8 | the Microsoft Linux distribution Mariner that is used in Asia. So I didn't really cover them as part |
| 0:48.0 | of our Patch Tuesday overview because there aren't really anything special sort of Microsoft related. |
| 0:55.5 | Only three of the vulnerabilities are considered critical. |
| 0:58.6 | Now we had five different vulnerabilities that were either already known prior to Patch Tuesday |
| 1:04.8 | or that are already being exploited. |
| 1:07.5 | None of those five actually falls in the critical category. Let's start with the first |
| 1:14.4 | one of the already disclosed vulnerabilities. That's CVE 202033-36-038. This is a denial of service |
| 1:24.3 | vulnerability in ASP.net core, CVSS score of 8.2. The second one is more |
| 1:31.5 | interesting. That's a Microsoft Office security feature bypass CVE 2023-36413. When you download a document, |
| 1:42.6 | when you receive a document, email and open it, it's supposed to open in the restricted, the protected mode. |
| 1:50.4 | Well, due to this vulnerability, that can be bypassed and the document becomes fully editable, which also means some active content like macros and such may be enabled. |
| 2:02.2 | Then we have a privilege escalation vulnerability, actually a couple of them, CVE 2023-36-036. |
| 2:09.9 | That one is already being exploited. It's in the Microsoft Windows Cloud Files mini-filter driver. |
| 2:17.0 | And the second Prolige Escal approach escalation vulnerability that is being exploited and has been disclosed |
| 2:23.4 | prior to the patch release is a flaw in the Windows DWM Core Library. |
| 2:30.0 | A second security feature vulnerability or security feature bypass vulnerability and and that's CVE 20203-36-025 in Windows Smart Screen, already being exploited and not yet made public. |
| 2:48.6 | And finally, there is sort of one critical vulnerability that I want to point out, and that's CVE |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.