CISA Classifies a Patched Microsoft PoC Flaw As a Known Exploited Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a patched Microsoft vulnerability to its Known Exploited Vulnerabilities (KEV) database....
CISA Classifies a Patched Microsoft PoC Flaw As a Known Exploited Vulnerability
Written by WebProNews
  • The US Cybersecurity and Infrastructure Security Agency (CISA) has added a patched Microsoft vulnerability to its Known Exploited Vulnerabilities (KEV) database.

    Microsoft’s recent August 2023 Patch Tuesday addressed a number of issues, including a vulnerability in .Net and Visual Studio that Microsoft classified as a proof-of-concept (PoC).

    Spotted by The Hacker News, it appears CISA disagrees with Microsoft’s classification. While Microsoft flagged the vulnerability as “Exploitation More Likely,” CISA says the vulnerability has already been exploited, resulting in it being added to the KEV catalog.

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

    Needless to say, organizations should take immediate steps to apply the necessary security patch.

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit