During this month’s Patch Tuesday, Microsoft released a relatively low number of security updates to fix flaws plaguing its products, however, six of the patches are flaws being actively exploited in the wild. According to Microsoft, one of these flaws is called “ProxyNotShell” and lies in the Microsoft Exchange Server. The bug was first revealed in September. Additionally, the tech giant stated that an elevation of privilege vulnerability and remote code execution bug are being exploited by Chinese threat actors.
Microsoft and other security researchers have recommended installing the patches within 24 hours to avoid any further risk of exploitation. The other zero-days patched impact the JScript9 scripting language and Windows Print Spooler. Rapid7 has stated that the four CVEs impacting the Exchange Server should be considered to be a threat to security due to their classifications as critical and important on the CVEE severity scale. Users should update their systems immediately, Rapid7 says.
