Google’s Pixel units have already acquired the November replace, together with some further fixes. The November Android Security Bulletin has additionally began to roll out to a few of Samsung’s Galaxy line.
Microsoft
Microsoft has a Patch Tuesday each month, however November’s is value discover. The replace fixes 59 vulnerabilities, two of that are already being exploited in real-life assaults. Tracked as CVE-2023-36033, the primary is an elevation of privilege vulnerability in Windows DWM Core Library marked as essential, with a CVSS rating of seven.8. “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft mentioned.
Meanwhile, CVE-2023-36036 is an elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver with a CVSS rating of seven.8. Also fastened in November’s replace cycle is the already exploited libWep flaw beforehand fastened in Chrome and different browsers, which additionally impacts Microsoft’s Edge, tracked as CVE-2023-4863.
Another notable flaw is CVE-2023-36397, a distant code execution vulnerability in Windows Pragmatic General Multicast marked as vital with a CVSS rating of 9.8. “When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code,” Microsoft mentioned.
Cisco
Enterprise software program agency Cisco has issued fixes for 27 safety flaws, together with one rated as vital with a close to most CVSS rating of 9.9. Tracked as CVE-2023-20048, the vulnerability within the internet companies interface of Cisco Firepower Management Center Software might permit an authenticated, distant attacker to execute unauthorized configuration instructions on a Firepower Threat Defense system managed by the FMC Software.
However, to efficiently exploit the vulnerability, an attacker would wish legitimate credentials on the FMC Software, Cisco mentioned.
An extra seven of the issues fastened by Cisco are rated as having a excessive impression, together with CVE-2023-20086—a denial-of-service flaw with a CVSS rating of 8.6—and CVE-2023-20063, a code-injection vulnerability with a CVSS rating of 8.2.
Atlassian
Atlassian has launched a patch to repair a critical flaw already being utilized in real-life assaults. Tracked as CVE-2023-22518, the improper-authorization vulnerability problem in Confluence Data Center and Server is being utilized in ransomware assaults. “As part of Atlassian’s ongoing monitoring and investigation of this CVE, we observed several active exploits and reports of threat actors using ransomware,” it mentioned.
Security outfit Trend Micro reported the Cerber ransomware group is utilizing the flaw in assaults. “This is not the first time that Cerber has targeted Atlassian—in 2021, the malware re-emerged after a period of inactivity and focused on exploiting remote code execution vulnerabilities in Atlassian’s GitLab servers,” Trend Micro mentioned.
All variations of Confluence Data Center and Server are affected by the flaw, which permits an unauthenticated attacker to reset Confluence and create an administrator account. “Using this account, an attacker can perform all administrative actions available to a Confluence instance administrator, leading to a full loss of confidentiality, integrity and availability,” Atlassian mentioned.
SAP
Enterprise software program big SAP has launched its November Security Patch Day, fixing three new flaws. Tracked as CVE-2023-31403 and with a CVSS rating of 9.6, probably the most critical problem is an improper entry management vulnerability flaw in SAP Business One. As a results of exploiting the problem, a malicious person might learn and write to the SMB shared folder, the software program big mentioned.