Risk of cyber attacks on systems in Vietnam from 10 new vulnerabilities
Science - Technology - Posted date: 10:15, April 20, 2023
Ten new security vulnerabilities have been warned by the Department of Information Security, Ministry of Information and Communications to specialized IT and information security units of ministries, branches, localities; corporations, state-owned enterprises, banks, and financial institutions. These are vulnerabilities in the list of April 2023 patches just released by Microsoft.
Specifically, the vulnerability CVE-2023-21554 in Microsoft Message Queuing; 3 vulnerabilities CVE-2023-23384, CVE-2023-23375, CVE-2023- 28304 in Microsoft SQL Server; and 2 vulnerabilities CVE-2023-28287, CVE-2023-28295 in Microsoft Publisher all allow attackers to execute remote code.
Two vulnerabilities CVE-2023-28309 and CVE-2023-28314 in Microsoft 2 Dynamics 365 allow attackers to perform XSS attacks. This is a technique based on exploiting website vulnerabilities to run attack code on the user's machine, aiming to steal user data.
Security vulnerabilities are considered one of the leading causes of cyber attacks targeting organizations and businesses. (Illustration photo)
With the CVE-2023-28252 vulnerability in Windows Common Log File System Driver, according to experts, this security vulnerability allows attackers to perform privilege escalation attacks and is currently being exploited in practice.
Notably, the WinVerifyTrust signature validation vulnerability, CVE-2013-3900, allows an attacker to add content to the code signature section of a signed executable without invalidating the signature. This vulnerability was recently used in supply chain attacks on 3CX software.
Microsoft has released a fix for signature validation as an option to enable or disable, which is disabled by default if not configured. In this update, Microsoft has added the affected operating system versions. To improve information security for devices using Windows operating systems, users may consider enabling this check option.
In order to ensure information security for the information systems of agencies, organizations and enterprises, contributing to ensuring the safety of Vietnam's cyberspace, the Department of Information Security recommends that units check, review and identify machines using the Windows operating system that are likely to be affected; and promptly update patches to avoid the risk of being attacked. "The best solution is to update patches for the above security vulnerabilities according to Microsoft's instructions," the Department of Information Security further noted.
Agencies, organizations and businesses are also required to strengthen monitoring and prepare response plans when detecting signs of exploitation and cyber attacks. At the same time, regularly monitor the warning channels of competent authorities and large organizations on information security to promptly detect cyber attack risks.
Speaking to reporters, expert Vu Ngoc Son, Technical Director of Vietnam National Cyber Security Technology Company (NCS), said that exploiting software vulnerabilities is the main route of current APT attacks in Vietnam. Hackers can exploit vulnerabilities from less important computers, branches, and partners connected to the main system and from there use them as a springboard to continue collecting information, lying low, and looking for opportunities to attack the main system.
“Therefore, updating vulnerability patches is very important, not only to protect the computers and servers you manage, but also to protect network systems connected to your computers and servers remotely, avoiding the risk of APT attacks,” Mr. Vu Ngoc Son emphasized.
According to Vietnamnet