Microsoft Genel Zafiyet Güncellemeleri

  1. Güncel Zafiyet Bildirimleri
  2. Arşiv
  3. Microsoft Genel Zafiyet Güncellemeleri

Microsoft Genel Zafiyet Güncellemeleri

11 Temmuz 2023 tarihinde Microsoft aşağıda kaynak linkleri ve CVE kodları belirtilmiş olan zafiyetler ile ilgili raporlar yayınlamıştır.

Microsoft Genel Zafiyet Güncellemeleri

Zafiyetler ile ilgili detaylar ve çözüm önerileri için ilgili linke tıklayınız.

Etkilenen Sistemler

Remote Procedure Call Runtime Remote Code Execution Vulnerability - CVE-2023-35300 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35300 https://nvd.nist.gov/vuln/detail/CVE-2023-35300

Windows Kernel Elevation of Privilege Vulnerability - CVE-2023-35305 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35305 https://nvd.nist.gov/vuln/detail/CVE-2023-35305

Windows Deployment Services Remote Code Execution Vulnerability - CVE-2023-35322 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322 https://nvd.nist.gov/vuln/detail/CVE-2023-35322

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability - CVE-2023-35317 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35317 https://nvd.nist.gov/vuln/detail/CVE-2023-35317

Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability - CVE-2023-35315 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315 https://nvd.nist.gov/vuln/detail/CVE-2023-35315

Windows OCSP SnapIn Remote Code Execution Vulnerability - CVE-2023-35313 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35313 https://nvd.nist.gov/vuln/detail/CVE-2023-35313

Windows Common Log File System Driver Elevation of Privilege Vulnerability - CVE-2023-35299 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35299 https://nvd.nist.gov/vuln/detail/CVE-2023-35299

Windows Installer Elevation of Privilege Vulnerability - CVE-2023-32053 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32053 https://nvd.nist.gov/vuln/detail/CVE-2023-32053

Windows SmartScreen Security Feature Bypass Vulnerability - CVE-2023-32049 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049 https://nvd.nist.gov/vuln/detail/CVE-2023-32049

Windows MSHTML Platform Elevation of Privilege Vulnerability - CVE-2023-32046 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046 https://nvd.nist.gov/vuln/detail/CVE-2023-32046

Windows Win32k Elevation of Privilege Vulnerability - CVE-2023-21756 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21756 https://nvd.nist.gov/vuln/detail/CVE-2023-21756

Windows Netlogon Information Disclosure Vulnerability - CVE-2023-21526 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21526 https://nvd.nist.gov/vuln/detail/CVE-2023-21526

Windows Server Service Security Feature Bypass Vulnerability - CVE-2023-32022 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32022 https://nvd.nist.gov/vuln/detail/CVE-2023-32022

Windows RRAS Remote Code Execution Vulnerability - CVE-2023-35367 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367 https://nvd.nist.gov/vuln/detail/CVE-2023-35367

Windows Error Reporting Service Elevation of Privilege Vulnerability - CVE-2023-36874 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874 https://nvd.nist.gov/vuln/detail/CVE-2023-36874

Windows Active Directory Certificate Services Remote Code Execution Vulnerability - CVE-2023-35350 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350 https://nvd.nist.gov/vuln/detail/CVE-2023-35350

Windows Geolocation Service Remote Code Execution Vulnerability - CVE-2023-35343 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35343 https://nvd.nist.gov/vuln/detail/CVE-2023-35343

Windows CryptoAPI Denial of Service Vulnerability - CVE-2023-35339 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339 https://nvd.nist.gov/vuln/detail/CVE-2023-35339

Windows Peer Name Resolution Protocol Denial of Service Vulnerability - CVE-2023-35338 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338 https://nvd.nist.gov/vuln/detail/CVE-2023-35338

Windows Extended Negotiation Denial of Service Vulnerability - CVE-2023-35330 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330 https://nvd.nist.gov/vuln/detail/CVE-2023-35330

IoC’ler

-

Çözüm Önerileri

-

Tedbirler

-

CVE / CWE

CVE-2023-35300 / CVE-2023-35322 / CVE-2023-35317 / CVE-2023-35315 / CVE-2023-35313 / CVE-2023-35305 / CVE-2023-35299 / CVE-2023-32053 / CVE-2023-32049 / CVE-2023-32046 / CVE-2023-21756 / CVE-2023-21526 / CVE-2023-32022 / CVE-2023-35367 / CVE-2023-36874 / CVE-2023-35350 / CVE-2023-35343 / CVE-2023-35339 / CVE-2023-35338 / CVE-2023-35330

Ek Bilgiler

-

* CVSS 3.1 skoru (10 üzerinden) 7.0-8.9 olanlar “yüksek”, 9.0-10.0 olanlar “kritik” zafiyet olarak değerlendirilmektedir.

Güvenlik Zafiyet Bildirimleri

Güvenlik Zafiyet Bildirimleri
SolarWinds Serv-U Uzaktan Kod Çalıştırma Güvenlik Zafiyeti

21/07/2021
Güvenlik Zafiyet Bildirimleri
Microsoft Exchange Server Uzaktan Kod Çalıştırma Güvenlik Zafiyeti-34473

21/07/2021
Güvenlik Zafiyet Bildirimleri
Microsoft Exchange Server Uzaktan Kod Çalıştırma Güvenlik Zafiyeti-31206

21/07/2021
Güvenlik Zafiyet Bildirimleri
Kaseya VSA Ürünü Tedarik Zinciri Saldırısı

06/07/2021
Güvenlik Zafiyet Bildirimleri
CVE-2021-1675 PrintNightmare Zafiyeti

01/07/2021
Güvenlik Zafiyet Bildirimleri
VMware VCenter Uzaktan Kod Yürütme Güvenlik Zafiyeti

26/05/2021
Güvenlik Zafiyet Bildirimleri
Microsoft Exchange Server Uzaktan Kod Çalıştırma Güvenlik Zafiyetleri

14/04/2021
Güvenlik Zafiyet Bildirimleri
Mart 2021 Microsoft Exchange 0-Day Bildirimleri

03/03/2021
Güvenlik Zafiyet Bildirimleri
Spectre Zafiyeti Sömürüsü

03/03/2021
Güvenlik Zafiyet Bildirimleri
Masslogger Oltalama Kampanyası

19/02/2021
Güvenlik Zafiyet Bildirimleri
Solarwinds Raindrop Zararlısı

20/01/2021
Güvenlik Zafiyet Bildirimleri
Solarwinds Orion Api Kimlik Doğrulaması Atlatma Zafiyeti

28/12/2020
Güvenlik Zafiyet Bildirimleri
Solarwinds Sunburst Saldırı Kampanyası

22/12/2020
Güvenlik Zafiyet Bildirimleri
StrongPity Watering Hole

07/07/2020
Güvenlik Zafiyet Bildirimleri
Microsoft Smbv3 Compression Zafiyeti

11/03/2020
İSTANBUL

+90 216 504 53 30

+90 216 504 53 32

info@barikat.com.tr

Aydınevler Mahallesi,İsmet İnönü Cadddesi,Küçükyalı Ofis Park A Blok,No:20/1 Maltepe İstanbul

ANKARA

+90 312 235 44 41

+90 312 235 44 51

info@barikat.com.tr

Mustafa Kemal Mahallesi, Dumlupınar Bulvarı No:164, Kentpark Ofis, Kat:4 Daire:06 Çankaya, 06510 Ankara, Türkiye

AMSTERDAM

+90 216 504 53 30

+90 216 504 53 32

info@barikatbv.com

Millenium Tower Floor 29, Radarweg 29 1045 XN Amsterdam, Netherlands

ZAFİYET BÜLTENİ

Güvenlik zafiyetlerinden anlık haberdar olmak için ana sayfadaki bültenimize kayıt olabilirsiniz.

Barikat Siber Güvenlik

© 2021 Barikat Siber Güvenlik Tüm Hakları Saklıdır.