Microsoft patched two zero-day vulnerabilities in its September Patch Tuesday. The first vulnerability, CVE-2023-36761, is an information disclosure vulnerability in Microsoft Word. The second vulnerability, CVE-2023-36802, is an elevation of privilege vulnerability in the Microsoft Streaming Service Proxy. In addition to these fixes, there are patches for four critical remote code execution vulnerabilities, three of which impact Visual Studio. The fourth critical bug, CVE-2023-38148, is found in Windows Internet Connection Sharing. #Microsoft #PatchTuesday #ZeroDay #Vulnerabilities #CVE #Infosecurity

https://www.infosecurity-magazine.com/news/fixes-two-zeroday-bugs-used-attacks/