{"id":29154,"date":"2023-01-11T01:09:35","date_gmt":"2023-01-11T01:09:35","guid":{"rendered":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/"},"modified":"2023-01-11T01:09:35","modified_gmt":"2023-01-11T01:09:35","slug":"first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register","status":"publish","type":"post","link":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/","title":{"rendered":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register"},"content":{"rendered":"<p> <a href=\"https:\/\/go.fiverr.com\/visit\/?bta=1052423&nci=17043\" Target=\"_Top\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/fiverr.ck-cdn.com\/tn\/serve\/?cid=40081059\"  width=\"601\" height=\"201\"><\/a>\n<\/p>\n<div id=\"body\">\n<p><span class=\"label\">Patch Tuesday<\/span> Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that&#8217;s already been exploited and another listed as publicly known. Of the new January vulnerabilities, 11 are rated critical because they lead to remote code execution.<\/p>\n<p>The bug that&#8217;s under exploit, tracked as <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21674\" rel=\"nofollow\">CVE-2023-21674<\/a>, is an advanced local procedure call elevation of privilege vulnerability that received an 8.8 CVSS rating.<\/p>\n<p>Redmond, per usual, provides scant details about the security hole and zero details about how miscreants are abusing the vulnerability. It does note that it could allow a local attacker to escalate privileges all the way up to SYSTEM level.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><br \/>\n            <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt=\"\"\/><br \/>\n            <\/a><br \/>\n        <\/noscript>\n    <\/div>\n<p>&#8220;Bugs of this type are often paired with some form of code exaction to deliver malware or ransomware,&#8221; according to the <a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2023\/1\/10\/the-january-2023-security-update-review\" rel=\"nofollow\">Zero Day Initiative&#8217;s Dustin Childs<\/a>. &#8220;Considering this was reported to Microsoft by researchers from Avast, that scenario seems likely here.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><br \/>\n                    <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                        <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                    <\/a><br \/>\n                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21549\" rel=\"nofollow\">CVE-2023-21549<\/a>, another elevation of privilege vulnerability, this one in Windows SMB Witness Service, also received an 8.8 severity score and is listed as publicly known.\u00a0<\/p>\n<p>&#8220;To exploit this vulnerability, an attacker could execute a specially crafted malicious script which executes an RPC call to an RPC host,&#8221; according to the security alert.\u00a0<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>This could allow the attacker to escalate privileges, and then execute RPC functions that can only be sent by privileged accounts.<\/p>\n<h3 class=\"crosshead\">So many steps<\/h3>\n<p>Some of the other more interesting vulnerabilities, according to security researchers, include <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21743\" rel=\"nofollow\">CVE-2023-21743<\/a>, a security feature bypass bug in Microsoft Sharepoint Server. Redmond deems &#8220;exploitation more likely,&#8221; for this flaw, and notes that it could allow an unauthenticated attacker to make an anonymous connection.<\/p>\n<p>But in addition to installing the security update for SharePoint server, admins also need to trigger another upgrade action to be protected from possible exploit. Microsoft explains how to trigger this upgrade in the alert, but, as Childs notes: &#8220;Situations like this are why people who scream &#8216;Just patch it!&#8217; show they have never actually had to patch an enterprise in the real world.&#8221;<\/p>\n<h3 class=\"crosshead\">More Exchange server bugs<\/h3>\n<p>A pair of spoofing vulnerabilities have been found in Microsoft Exchange servers, tracked as <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21762\" rel=\"nofollow\">CVE-2023-21762<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21745\" rel=\"nofollow\">CVE-2023-21745<\/a>, with the second flagged as\u00a0&#8220;exploitation more likely,&#8221; are notable in that they are Exchange server bugs.<\/p>\n<p>&#8220;Email servers like Exchange are high-value targets for attackers, as they can allow an attacker to gain sensitive information through reading emails, or to facilitate Business Email Compromise style attacks by sending emails that appear to be legitimate,&#8221; Immersive Labs&#8217; Director of Cyber Threat Research Kev Breen told <em>The Register<\/em>.\u00a0<\/p>\n<p>We&#8217;d bet that <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/01\/05\/rackspace_ransomware_gang\/\" rel=\"noopener\">Rackspace<\/a> would attest to that.<\/p>\n<p>And two more Exchange server bugs, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21763\" rel=\"nofollow\">CVE-2023-21763<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21764\" rel=\"nofollow\">CVE-2023-21764<\/a>, could allow attackers to escalate privileges up to SYSTEM level.\u00a0<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y74MT1eFiq6RTwSi2P-5NQAAAEA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>ZDI\u00a0researcher Piotr Bazyd\u0142o found the pair, and Childs said they resulted from a failed patch of <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-41123\" rel=\"nofollow\">CVE-2022-41123<\/a>.\u00a0<\/p>\n<p>&#8220;Thanks to the use of a hard-coded path, a local attacker could load their own DLL and execute code at the level of SYSTEM,&#8221; he explained. &#8220;A recent report showed nearly 70,000 unpatched Exchange servers that were accessible from the internet. If you&#8217;re running Exchange on-prem, please test and deploy all the Exchange fixes quickly, and hope that Microsoft fixed these bugs correctly this time.&#8221;<\/p>\n<h3 class=\"crosshead\">Adobe joins the party<\/h3>\n<p>Adobe today released four patches to fix 29 vulnerabilities across its Acrobat and Reader, InDesign, InCopy, and Dimension software. The company said it&#8217;s not aware of any exploits in the wild for any of the security issues addressed in the updates.\u00a0\u00a0\u00a0\u00a0<\/p>\n<p>The <a href=\"https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb23-01.html\" rel=\"nofollow\">Reader<\/a> update address 15 critical and important vulnerabilities, which would lead to application denial-of-service, arbitrary code execution, privilege escalation and memory leak.<\/p>\n<p><a href=\"https:\/\/helpx.adobe.com\/security\/products\/indesign\/apsb23-07.html\" rel=\"nofollow\">InDesign<\/a>, meanwhile has six critical and important bugs that could allow arbitrary code execution, application denial-of-service and memory leak attacks.\u00a0\u00a0<\/p>\n<p>Six vulnerabilities in <a href=\"https:\/\/helpx.adobe.com\/security\/products\/incopy\/apsb23-08.html\" rel=\"nofollow\">InCopy<\/a> could lead to arbitrary code execution and memory leak. And two bugs in <a href=\"https:\/\/helpx.adobe.com\/security\/products\/dimension\/apsb23-10.html\" rel=\"nofollow\">Dimension<\/a> could lead to memory leak and arbitrary code execution in the context of the current user.<\/p>\n<h3 class=\"crosshead\">SAP<\/h3>\n<p>SAP <a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\" rel=\"nofollow\">released<\/a> 12 new and updated patches.\u00a0\u00a0<\/p>\n<p>While SAP Security Note #3089413 ranks the lowest in terms of the new HotNews Notes with a CVSS of 9.0, &#8220;it is possibly the most critical one of SAP&#8217;s January Patch Day, since it affects the majority of all SAP customers, and its mitigation is a challenge,&#8221; <a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-january-2023\" rel=\"nofollow\">said<\/a> Thomas Fritsch, SAP security researcher at Onapsis.\u00a0<\/p>\n<p>&#8220;A Capture-Replay vulnerability in the architecture of trusted-trusting RFC and HTTP communication scenarios allows malicious users to obtain illegitimate access to an SAP system,&#8221; he explained. &#8220;Complete patching of the vulnerability includes applying a kernel patch, an ABAP patch, and a manual migration of all trusted RFC and HTTP destinations. Both of the systems of a communication scenario need to be patched to mitigate the vulnerability.&#8221;\u00a0<\/p>\n<p>Two other new HotNews Notes received CVSS ratings of 9.9.\u00a0Security note #3262810 fixes a crucial code injection vulnerability in SAP BusinessObjects Business Intelligence platform, while #3275391 patches a bug that could allow an unauthenticated attacker to execute crafted database queries in SAP Business Planning and Consolidation Microsoft to read, modify, or delete data.<\/p>\n<h3 class=\"crosshead\">Intel<\/h3>\n<p>Intel pushed a fix for a <a href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/security-center\/advisory\/intel-sa-00773.html\" rel=\"nofollow\">high-severity bug in oneAPI Toolkits<\/a> that could allow escalation of privilege. The vulnerability is tracked as CVE-2022-4019.\u00a0<\/p>\n<p>&#8220;Improper access control in the Intel(R) oneAPI DPC++\/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access,&#8221; the chip giant explained.<\/p>\n<h3 class=\"crosshead\">Google Android<\/h3>\n<p>Android&#8217;s <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2023-01-01\" rel=\"nofollow\">January security bulletin<\/a> addresses more than 50 flaws affecting devices running Google&#8217;s Android OS. None of these have been exploited in the wild.<\/p>\n<p>The most serious of the bunch is a high-security vulnerability in the Framework component leading to local escalation of privilege with no additional execution privileges needed, we&#8217;re told.<\/p>\n<p>&#8220;Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights,&#8221; the Center for Internet Security <a href=\"https:\/\/www.cisecurity.org\/advisory\/multiple-vulnerabilities-in-google-android-os-could-allow-for-arbitrary-code-execution_2023-001\" rel=\"nofollow\">warned<\/a> \u00ae.<\/p>\n<\/p><\/div>\n<iframe data-lazy=\"true\" data-src=\"https:\/\/www.fiverr.com\/gig_widgets?id=U2FsdGVkX18x7XQvttUTrv1oEqmGNGTgvvCUiUoJ\/AP4z\/UyMz8lXGOLpu15jIMxBbTR0gmD5uBoFvhC4KWeALQRp3h\/X\/AwcVD0K8Wj9H\/ZzYKzcCNHosB9oS4SCJJFWiN85P9ICAc4OgCoE\/wHKIY7CDkf2\/DQ1vqGvk4smVe5cRDEmrLPCWi4FC8p40VUhSmWQ5udCm0zoJtorgWv3vbDQw0kKYkwn39ozAnQXDe+YvWMxkLFWA+O3TFwkJvdkIK+\/AUSnRssPKt5WHY0FhNOxnSPcLslEL4G4\/RfP95ve99U+kRnDy3X+KtzdQLY+u935ghON\/o3UE4IMv9oN6JX9RnxzL\/LRcOgnHigxStSGPKsZYtnz8RWNVT\/rOLAibqiWJadC5MYHRbekF3eg6FOGrQGkXYbsn0+a5aovnlLCbLwIqY9fcS17UX8J235iQ6cdmHNbrPeS84CMm34RA==&affiliate_id=1052423&strip_google_tagmanager=true\" loading=\"lazy\" data-with-title=\"true\" class=\"fiverr_nga_frame\" frameborder=\"0\" height=\"350\" width=\"100%\" referrerpolicy=\"no-referrer-when-downgrade\" data-mode=\"random_gigs\" onload=\" var frame = this; var script = document.createElement('script'); script.addEventListener('load', function() { window.FW_SDK.register(frame); }); script.setAttribute('src', 'https:\/\/www.fiverr.com\/gig_widgets\/sdk'); document.body.appendChild(script); \" ><\/iframe>\n<br \/><a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/01\/11\/patch_tuesday_january_2023\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Patch Tuesday Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that&#8217;s already been exploited and another listed as publicly&#8230;<\/p>\n","protected":false},"author":1,"featured_media":29155,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-29154","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-universe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog<\/title>\n<meta name=\"description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog\" \/>\n<meta property=\"og:description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/\" \/>\n<meta property=\"og:site_name\" content=\"mailinvest.blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelanceracademic\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-11T01:09:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"562\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin@mailinvest.blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin@mailinvest.blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/\"},\"author\":{\"name\":\"admin@mailinvest.blog\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\"},\"headline\":\"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register\",\"datePublished\":\"2023-01-11T01:09:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/\"},\"wordCount\":1002,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/2023_shutterstock.jpg\",\"articleSection\":[\"Tech Universe\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/\",\"name\":\"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/2023_shutterstock.jpg\",\"datePublished\":\"2023-01-11T01:09:35+00:00\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/2023_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/2023_shutterstock.jpg\",\"width\":1000,\"height\":562},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/11\\\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mailinvest.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"name\":\"mailinvest.blog\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mailinvest.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\",\"name\":\"mailinvest\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"width\":1000,\"height\":1000,\"caption\":\"mailinvest\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/freelanceracademic\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\",\"name\":\"admin@mailinvest.blog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"caption\":\"admin@mailinvest.blog\"},\"sameAs\":[\"https:\\\/\\\/mailinvest.blog\",\"admin@mailinvest.blog\"],\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/author\\\/adminmailinvest-blog\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/","og_locale":"en_US","og_type":"article","og_title":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog","og_description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","og_url":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/","og_site_name":"mailinvest.blog","article_publisher":"https:\/\/www.facebook.com\/freelanceracademic\/","article_published_time":"2023-01-11T01:09:35+00:00","og_image":[{"width":1000,"height":562,"url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg","type":"image\/jpeg"}],"author":"admin@mailinvest.blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin@mailinvest.blog","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#article","isPartOf":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/"},"author":{"name":"admin@mailinvest.blog","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4"},"headline":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register","datePublished":"2023-01-11T01:09:35+00:00","mainEntityOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/"},"wordCount":1002,"commentCount":0,"publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg","articleSection":["Tech Universe"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/","url":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/","name":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register - mailinvest.blog","isPartOf":{"@id":"https:\/\/mailinvest.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#primaryimage"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg","datePublished":"2023-01-11T01:09:35+00:00","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","breadcrumb":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#primaryimage","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/2023_shutterstock.jpg","width":1000,"height":562},{"@type":"BreadcrumbList","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/11\/first-patch-tuesday-of-2023-includes-in-the-wild-exploit-the-register\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailinvest.blog\/"},{"@type":"ListItem","position":2,"name":"First Patch Tuesday of 2023 includes in-the-wild exploit \u2022 The Register"}]},{"@type":"WebSite","@id":"https:\/\/mailinvest.blog\/#website","url":"https:\/\/mailinvest.blog\/","name":"mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailinvest.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailinvest.blog\/#organization","name":"mailinvest","url":"https:\/\/mailinvest.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","width":1000,"height":1000,"caption":"mailinvest"},"image":{"@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelanceracademic\/"]},{"@type":"Person","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4","name":"admin@mailinvest.blog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","caption":"admin@mailinvest.blog"},"sameAs":["https:\/\/mailinvest.blog","admin@mailinvest.blog"],"url":"https:\/\/mailinvest.blog\/index.php\/author\/adminmailinvest-blog\/"}]}},"_links":{"self":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/29154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/comments?post=29154"}],"version-history":[{"count":0,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/29154\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media\/29155"}],"wp:attachment":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media?parent=29154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/categories?post=29154"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/tags?post=29154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}