The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched zero-day vulnerability affecting Microsoft’s .NET and Visual Studio products to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2023-38180, was addressed by Microsoft in its August 2023 Patch Tuesday updates. The flaw could be exploited for denial-of-service (DoS) attacks, and Microsoft noted that it is aware of malicious exploitation. CISA has categorized it as an ‘important’ severity issue and has instructed government organizations to apply patches or mitigations by August 30.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.