Microsoft's June Patch Tuesday Fixes Critical SharePoint, Exchange, and Windows Bugs
Microsoft's June Patch Tuesday has addressed a critical bug in SharePoint Server and several high-severity vulnerabilities in Windows and Exchange. The updates come without the usual urgency of active zero-day exploitation, a first since March 2022.
The most pressing issue fixed is CVE-2023-29357, a critical bug in Microsoft 365 SharePoint Server. This vulnerability allows an unauthenticated attacker on the same network to gain admin access to an internal SharePoint server, posing significant risks to organizations. Meanwhile, Microsoft Exchange vulnerabilities CVE-2023-32031 and CVE-2023-28310 have been patched. These flaws can be exploited by an authenticated user in the network to gain code execution on the server, affecting all versions of Windows Server 2008 and later, as well as Windows 10 and later.
In addition, Microsoft has addressed three other critical vulnerabilities (CVE-2023-32015, CVE-2023-32014, CVE-2023-29363) in the Windows Pragmatic General Multicast component. These have a CVSS score of 9.8 and can be exploited over the network without requiring privileges or user interaction.
Microsoft's June updates resolve a total of 70 security vulnerabilities, including several critical issues in SharePoint, Exchange, and Windows. Organizations are urged to apply these updates promptly to mitigate potential security risks.
Read also:
- Unveiling the Less-Discussed Disadvantages of Buds - Revealing the Silent Story
- Jaguar Land Rover's Month-Long Production Halt After Cyber Attack Could Cost Billions
- "In a daring decision, Battlefield 6 forgoes ray tracing - understanding the advantages this choice brings"
- EU Bolsters Drone Defense with 'Kreuger 100' Interceptor
