Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th. In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv Kupchik and Ophir Harpaz. The vulnerability allows for a privilege elevation on a server by executing a malicious RPC call, allowing the attacker access to RPC functions normally restricted to privileged accounts. Akamai has been performing a lot of RPC research over the…
This article has been indexed from HelpSystems Blog
Read the original article: