/

CVE-2023-29360 Report - Details, Severity, & Advisorie...

CVE-2023-29360 Report - Details, Severity, & Advisories

Twingate Team

Jun 6, 2024

What is CVE-2023-29360?

CVE-2023-29360 is a high-severity elevation of privilege vulnerability affecting Microsoft Streaming Service on various configurations of Microsoft Windows operating systems, including Windows 10, Windows 11, and Windows Server versions. Users should be aware of this issue and stay informed about potential updates and solutions to maintain the security of their systems.

Who is impacted by this?

Impacted versions include Windows 10 (1607, 1809, 21H2, and 22H2), Windows 11 (21H2 and 22H2), and Windows Server (2016, 2019, and 2022). The vulnerability impacts various configurations, including x64, x86, and ARM64 systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-29360 vulnerability, it's important to take action to secure your system. Follow these steps to mitigate the risk:

  1. Apply the security updates provided by Microsoft for the affected products.

  2. Keep software up-to-date and follow best security practices.

  3. Review the list of affected products and apply the appropriate security updates.

  4. Monitor the Microsoft Security Update Guide for any updates or revisions related to this vulnerability.

  5. Ensure that systems are running the latest software versions and patches.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-29360 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. This Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability was added to the catalog on February 29, 2024, with a due date of March 21, 2024. To address this issue, users should apply mitigations as per vendor instructions or discontinue using the affected product if no mitigations are available.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-822, an untrusted pointer dereference issue in Microsoft Streaming Service.

Learn More

CVE-2023-29360 is a significant vulnerability affecting Microsoft Streaming Service on various Windows operating systems. For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-29360 Report - Details, Severity, & Advisorie...

CVE-2023-29360 Report - Details, Severity, & Advisories

Twingate Team

Jun 6, 2024

What is CVE-2023-29360?

CVE-2023-29360 is a high-severity elevation of privilege vulnerability affecting Microsoft Streaming Service on various configurations of Microsoft Windows operating systems, including Windows 10, Windows 11, and Windows Server versions. Users should be aware of this issue and stay informed about potential updates and solutions to maintain the security of their systems.

Who is impacted by this?

Impacted versions include Windows 10 (1607, 1809, 21H2, and 22H2), Windows 11 (21H2 and 22H2), and Windows Server (2016, 2019, and 2022). The vulnerability impacts various configurations, including x64, x86, and ARM64 systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-29360 vulnerability, it's important to take action to secure your system. Follow these steps to mitigate the risk:

  1. Apply the security updates provided by Microsoft for the affected products.

  2. Keep software up-to-date and follow best security practices.

  3. Review the list of affected products and apply the appropriate security updates.

  4. Monitor the Microsoft Security Update Guide for any updates or revisions related to this vulnerability.

  5. Ensure that systems are running the latest software versions and patches.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-29360 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. This Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability was added to the catalog on February 29, 2024, with a due date of March 21, 2024. To address this issue, users should apply mitigations as per vendor instructions or discontinue using the affected product if no mitigations are available.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-822, an untrusted pointer dereference issue in Microsoft Streaming Service.

Learn More

CVE-2023-29360 is a significant vulnerability affecting Microsoft Streaming Service on various Windows operating systems. For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-29360 Report - Details, Severity, & Advisories

Twingate Team

Jun 6, 2024

What is CVE-2023-29360?

CVE-2023-29360 is a high-severity elevation of privilege vulnerability affecting Microsoft Streaming Service on various configurations of Microsoft Windows operating systems, including Windows 10, Windows 11, and Windows Server versions. Users should be aware of this issue and stay informed about potential updates and solutions to maintain the security of their systems.

Who is impacted by this?

Impacted versions include Windows 10 (1607, 1809, 21H2, and 22H2), Windows 11 (21H2 and 22H2), and Windows Server (2016, 2019, and 2022). The vulnerability impacts various configurations, including x64, x86, and ARM64 systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-29360 vulnerability, it's important to take action to secure your system. Follow these steps to mitigate the risk:

  1. Apply the security updates provided by Microsoft for the affected products.

  2. Keep software up-to-date and follow best security practices.

  3. Review the list of affected products and apply the appropriate security updates.

  4. Monitor the Microsoft Security Update Guide for any updates or revisions related to this vulnerability.

  5. Ensure that systems are running the latest software versions and patches.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-29360 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. This Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability was added to the catalog on February 29, 2024, with a due date of March 21, 2024. To address this issue, users should apply mitigations as per vendor instructions or discontinue using the affected product if no mitigations are available.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-822, an untrusted pointer dereference issue in Microsoft Streaming Service.

Learn More

CVE-2023-29360 is a significant vulnerability affecting Microsoft Streaming Service on various Windows operating systems. For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page.