Hackers Exploit New SharePoint Flaw: Patch Now or Risk Mayhem!

Heads up, SharePoint users! A pesky vulnerability (CVE-2023-24955) has wriggled into CISA’s naughty list. If you missed May’s Patch Tuesday, it’s time to play catch-up—hackers aren’t waiting! #MicrosoftSharepointServerVulnerability

Hot Take:

Oh, SharePoint, you digital packrat of corporate America, how you’ve managed to morph from a mere document hoarder into a glitzy stage for hacker trickery! With CISA shining its cybersecurity spotlight on you, it’s like watching a B-list celebrity get caught in a scandal, but without the paparazzi and with a lot more sensitive data at risk. Cue the dramatic music and let’s patch up before this turns into the next blockbuster data breach!

Key Points:

  • The CVE-2023-24955 vulnerability in Microsoft SharePoint is now a star on CISA’s KEV list, and not for good behavior.
  • With a severity score of 7.2, this RCE flaw is the digital equivalent of handing over the keys to your virtual kingdom to anyone with Site Owner privileges.
  • Microsoft served up a patch with the May 2023 Patch Tuesday special, so if you’ve been hitting snooze on your updates, it’s time to wake up and smell the cyber risk.
  • Remember that dynamic duo CVE-2023-29357 and CVE-2023-24955 from Pwn2Own Vancouver? They haven’t been spotted wreaking havoc together yet, but keep your eyes peeled.
  • Federal Civilian Executive Branch agencies have a deadline to patch this quicker than you can say “regulatory compliance,” specifically by April 16.
Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
Cve id: CVE-2023-24955
Cve state: PUBLISHED
Cve assigner short name: microsoft
Cve date updated: 12/14/2023
Cve description: Microsoft SharePoint Server Remote Code Execution Vulnerability

Title: Microsoft SharePoint Server Elevation of Privilege Vulnerability
Cve id: CVE-2023-29357
Cve state: PUBLISHED
Cve assigner short name: microsoft
Cve date updated: 01/09/2024
Cve description: Microsoft SharePoint Server Elevation of Privilege Vulnerability

Need to know more?

FCEBS ON A DEADLINE

It's not just about fixing a leaky faucet; it's about averting a digital flood. Microsoft's advisory casually notes that if you're cozy with your SharePoint Server as a Site Owner, you could also moonlight as a cyber menace, executing code from the comfort of your desk chair. And in case you've been living under a rock (or just really hate updates), the patch is part of the May 2023 Patch Tuesday giveaway. Meanwhile, CISA's playing the strict parent role, giving Federal agencies a curfew to patch up or face the naughty corner.

Pwn2Own's Bounty Hunters

Remember those halcyon days at Pwn2Own Vancouver, where StarLabs SG bagged a cool $100,000? They showed us how CVE-2023-29357 and our new 'celeb' CVE-2023-24955 could tango together for a cyber catastrophe. While they haven't been seen in the wild pulling off a heist together, it's like knowing Bonnie and Clyde are in town—better to lock up your valuables just in case.

SharePoint: The Old Guard

Let's take a stroll down memory lane to when SharePoint was just a humble document manager and not a playground for cyber shenanigans. Now, with over 200 million users and 80% of the Fortune 500 companies using it, SharePoint is the digital equivalent of that one popular kid in school who ends up being everyone's friend—or frenemy, depending on who's asking.

Tech Tips and Cyber Snippets

For those of you who can't get enough of the tech drama, TechRadar Pro is like the gossip magazine of the digital realm. Whether it's the latest on that Windows software we love to hate, or the scoop on the best firewalls and endpoint security tools, they've got the deets. And a special shoutout to Sead, the scribe from Sarajevo, who's been translating geek speak into human for over a decade. Hats off to you, sir!

Tags: CVE-2023-24955, Malware Deployment, Microsoft Sharepoint, network-based attack, Pwn2Own contest, Remote Code Execution, vulnerability patch