October 2023 in Cybersecurity

Quick recap summarising a few prolific Cybersecurity Incidents and Events during the month of October 2023:

Security Advisories

• Oct 1 – CVE Summary: Six 0day exploits were filed against Exim
• Oct 1 – CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx
• Oct 3 – CVE-2023-4911: Local Privilege Escalation in the glibc’s ld.so
• Oct 10 – CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
• Oct 10 – CVE-2023-38545: curl: SOCKS5 heap buffer overflow
• Oct 11 – CVE-2023-38546: curl: Cookie injection
• Oct 11 – CVE-2023-5631: XSS vulnerability in Roundcube webmail

Operating Systems

• Oct 20 – iOS 17.1 released to fix several severe vulnerabilities

Other

• Oct 5 – Microsoft Teams switches from Electron Framework to its in-house Webview2 Framework used in Edge!
  • What this means?
    • Microsoft Teams Client no longer available for Linux Distributions?
    • Script injection less likely with removal of Electron Framework (a framework with some very well known attack vectors).
    • New Microsoft Teams Client rolled out to Windows and MacOS.
    • Ability to login to multiple accounts/tenants (no need more multi container instances anymore!).
    • Inability to de-auth or faciliate a logout when clicking “Sign Out” (this is possibly a new issue/feature introduced with the credential storage location on MacOS. Hint: Keychain)