CISA Classifies a Patched Microsoft PoC Flaw As a Known Exploited Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a patched Microsoft vulnerability to its Known Exploited Vulnerabilities (KEV) database....
CISA Classifies a Patched Microsoft PoC Flaw As a Known Exploited Vulnerability
Written by WebProNews

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a patched Microsoft vulnerability to its Known Exploited Vulnerabilities (KEV) database.

Microsoft’s recent August 2023 Patch Tuesday addressed a number of issues, including a vulnerability in .Net and Visual Studio that Microsoft classified as a proof-of-concept (PoC).

Spotted by The Hacker News, it appears CISA disagrees with Microsoft’s classification. While Microsoft flagged the vulnerability as “Exploitation More Likely,” CISA says the vulnerability has already been exploited, resulting in it being added to the KEV catalog.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Needless to say, organizations should take immediate steps to apply the necessary security patch.

Subscribe for Updates

CISOUpdate Newsletter

News & trends for CIO's and IT leaders.

By signing up for our newsletter you agree to receive content related to ientry.com / webpronews.com and our affiliate partners. For additional information refer to our terms of service.
Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit

Advertise with Us