‘Rapid Reset’ DDoS Attacks Rise: October 2023 Patch Tuesday Has Arrived (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487)

From socradar.io

Microsoft has just released its October 2023 Patch Tuesday, which addresses a total of 103 security vulnerabilities. Among these, 12 have been rated as critical, and there are three zero-day vulnerabilities currently being actively exploited. One of these zero-day vulnerabilities relates to Rapid Reset DDoS attacks, which have recently emerged as a significant issue.

The October 2023 Patch Tuesday includes the following vulnerability types:

  • 45 Remote Code Execution (RCE) Vulnerabilities
  • 26 Elevation of Privilege (EoP) Vulnerabilities 
  • 16 Denial of Service (DoS) Vulnerabilities 
  • 12 Information Disclosure Vulnerabilities
  • 3 Security Feature Bypass Vulnerabilities 
  • 1 Cross-Site Scripting (XSS) Vulnerability

We will spotlight the addressed vulnerabilities, outline the risks associated with zero-day exploits, and guide organizations on protecting their systems.

Read more…