* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, July 3, 2026
Earth-News
  • Home
  • Business
  • Entertainment

    What Will Be Celebrated as an American Classic 250 Years from Now?

    How Investors Might Respond to PENN Entertainment’s Aurora Casino Launch and the Russell 2000 Shake-Up

    Discover La Jolla’s Unmissable Entertainment and Experiences: Your Ultimate Guide

    Seaport Entertainment GC Steps Into New Role as Strategic CEO Adviser

    PENN Entertainment to Reveal Second Quarter Results and Host Live Conference Call on August 6

    Get Ready for Dancing, Music, and Lobster Tales at the Opera House!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Is tech ruining the World Cup? – BBC

    Arch Appoints Chief Technology Officer – Family Wealth Report

    CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security – Yahoo Finance

    Revolutionary AI Tool Set to Transform RNA Mapping, Challenging AlphaFold 3

    Essential Insights from Bosch’s BIS Settlement and DOJ Declination: What Every Company Using U.S. Technology Must Understand About the Foreign Direct Product Rule

    US Intensifies Trade Restrictions with Expanded Ban on Chinese Technology Imports

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment

    What Will Be Celebrated as an American Classic 250 Years from Now?

    How Investors Might Respond to PENN Entertainment’s Aurora Casino Launch and the Russell 2000 Shake-Up

    Discover La Jolla’s Unmissable Entertainment and Experiences: Your Ultimate Guide

    Seaport Entertainment GC Steps Into New Role as Strategic CEO Adviser

    PENN Entertainment to Reveal Second Quarter Results and Host Live Conference Call on August 6

    Get Ready for Dancing, Music, and Lobster Tales at the Opera House!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Is tech ruining the World Cup? – BBC

    Arch Appoints Chief Technology Officer – Family Wealth Report

    CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security – Yahoo Finance

    Revolutionary AI Tool Set to Transform RNA Mapping, Challenging AlphaFold 3

    Essential Insights from Bosch’s BIS Settlement and DOJ Declination: What Every Company Using U.S. Technology Must Understand About the Foreign Direct Product Rule

    US Intensifies Trade Restrictions with Expanded Ban on Chinese Technology Imports

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Microsoft WordPad Vulnerability Exploited in Widespread Cyberattacks

October 11, 2023
in Technology
Microsoft WordPad Vulnerability Exploited in Widespread Cyberattacks
Share on FacebookShare on Twitter

Microsoft WordPad Vulnerability Exploited in Cyberattacks

Microsoft has released over 100 security updates to address critical vulnerabilities in its products, some of which have already been exploited by cybercriminals.

These security patches come when the world is struggling amidst an increasing wave of cyberattacks. Two vulnerabilities are the most concerning in MS WordPad, which has fallen victim to active attacks.

Malicious players have deployed massive Distributed Denial of Service (DDoS) attacks to exploit the vulnerabilities.

One of the most alarming vulnerabilities is Rapid Reset, tracked as CVE-2023-44487, an HTTP/2 protocol flaw that has been exploited since August.

Amazon, Microsoft, Cloudflare, and Google have scrambled to mitigate the risk and secure their servers from the crippling Rapid Reset attacks. The major tech giants have promptly responded to the vulnerability, considering its severity.

CVE-2023-36563, the other vulnerability, has been publicly disclosed and actively exploited. The flaw in Microsoft WordPad allows malicious players to steal NTLM hashes.

Cybercriminals use two methods to exploit this vulnerability. One involves a rogue or compromised user running a specially crafted application that can lead to the system getting compromised.

The other involves luring victims into opening a malicious file through instant messages or email.

Skype for Business Privilege Escalation Also Under Attack

A privilege escalation vulnerability in Skype for Business, CVE-2023-41763, is also under active attack from the miscreants. An attacker can exploit this flaw by initiating a specially crafted network call to the target server or Skype for Business.

This lets the attacker view sensitive information like IP addresses and port numbers. However, they cannot alter this data.

13 of the October patches have been classified as critical-rated vulnerabilities. Among these, 12 can lead to remote code execution (RCE), which calls for the urgent need for updates.

Among the crucial updates, 20 patches target Message Queuing, with CVE-2023-35349 standing out with a high CVSS severity score of 9.8, potentially allowing RCE without requiring user interaction.

CVE-2023-36778 is yet another crucial vulnerability for organizations using Exchange Server in-house. This Microsoft Exchange Server RCE vulnerability has an 8.0 CVSS rating and is characterized as “exploitation more likely.”

Attackers can exploit this flaw using social engineering. Such access to Exchange Server can lead to unauthorized email access, potential impersonation, and financial data theft.

Citrix, Adobe, and Others are Fixing Patches

Citrix has also released critical patches, addressing a 9.4-rated flaw in its NetScaler ADC and NetScaler Gateway appliances (CVE-2023-4966) that could potentially expose sensitive information.

A denial-of-service bug, CVE-2023-4967, is also affecting these appliances. Thus, users are being urged to patch the flaws immediately. Adobe has addressed 13 vulnerabilities in Bridge, Commerce, and Photoshop.

On the other hand, SAP has released seven security notes. One of these vulnerabilities earned a perfect 10 CVSS score.

Google’s October Android security bulletin addressed 54 flaws, including concerns regarding an Arm driver bug and a critical system flaw (CVE-2023-4863) with the potential for Remote Code Execution (RCE).

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : TechReport – https://techreport.com/news/microsoft-wordpad-vulnerability-exploited-in-widespread-cyberattacks/

Tags: MicrosofttechnologyWordPad
Previous Post

Ripple Vs. SEC Case: Was the Celebration Too Early for the Crypto?

Next Post

Vigil in Washington, D.C., honored victims of the Hamas attack on Israel

Why Gas Tax Reimbursement Benefits Both Policy and Politics

July 3, 2026

Garden Walk Celebrates Local Landscapes and Supports Ecology Center Scholarships

July 3, 2026

Is tech ruining the World Cup? – BBC

July 3, 2026

The 20 things in sports I only wish I could declare independence from this year – Chicago Sun-Times

July 3, 2026

One Injection That Can Reverse Osteoarthritis in Just Weeks

July 3, 2026

Croatia Sparks Controversy with ‘Unambitious’ 2022 Science Law Reforms

July 3, 2026

Marian Rivera Shares Candid Insights on Her Personal Growth Journey

July 3, 2026

From Heartbreak to Heroism: How Colombia’s Crushing Defeat to France Transformed Their World Cup Journey

July 3, 2026

Trump’s Job Market Defies Consumer Doubts with Surprising Strength

July 2, 2026

SyracuseCoE to Host Exciting International Healthy Buildings Conference

July 2, 2026

Categories

Archives

July 2026
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (1,297)
  • Economy (1,316)
  • Entertainment (22,195)
  • General (22,434)
  • Health (10,353)
  • Lifestyle (1,330)
  • News (22,149)
  • People (1,321)
  • Politics (1,339)
  • Science (16,531)
  • Sports (21,816)
  • Technology (16,303)
  • World (1,310)

Recent News

Why Gas Tax Reimbursement Benefits Both Policy and Politics

July 3, 2026

Garden Walk Celebrates Local Landscapes and Supports Ecology Center Scholarships

July 3, 2026
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version