HomeWinBuzzer NewsMicrosoft Discloses Memory Corruption Vulnerabilities in Ncurses Library Used by Linux and...

Microsoft Discloses Memory Corruption Vulnerabilities in Ncurses Library Used by Linux and macOS

Recent vulnerabilities in the ncurses programming library, if exploited, could enable malicious individuals to run harmful code on vulnerable systems.

-

has unveiled a series of memory corruption vulnerabilities in the ncurses programming library, predominantly used in Linux and macOS systems. The flaws, if exploited, could allow threat actors to execute malicious code on susceptible systems. Microsoft's Threat Intelligence researchers highlighted that by manipulating environment variables, attackers could leverage these vulnerabilities to escalate privileges and execute code in the context of the targeted program.

Technical Insights and Implications

The vulnerabilities, officially labeled as CVE-2023-29491 with a CVSS score of 7.8, were rectified in April 2023. Microsoft collaborated with Apple to address macOS-specific issues related to these vulnerabilities. The flaws discovered encompass a variety of issues, including a stack information leak, a parameterized string type confusion, and a heap out-of-bounds during terminfo database file parsing. The researchers emphasized that exploiting these vulnerabilities would require a multi-stage attack strategy.

Collaborative Efforts and Remediation

Microsoft has been proactive in sharing these vulnerabilities with relevant stakeholders through Coordinated Vulnerability Disclosure (CVD) and Microsoft Security Vulnerability Research (MSVR). The vulnerabilities were promptly addressed by the maintainers of the ncurses library. Microsoft also acknowledged the contributions of researcher Gergely Kalman, who provided valuable use cases that aided in the research. Users of the ncurses library are urged to update their systems to safeguard against potential exploitation.

Recent Patch Tuesday Fixes

Microsoft's September 2023 Patch Tuesday was rolled out this week, addressing a total of 59 vulnerabilities, two of which are zero-day flaws currently under active exploitation. Just like all months, Patch Tuesday is about shoring up Microsoft's services from security issues and bugs. The two zero-day vulnerabilities that have been actively exploited are:

  1. CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. This flaw allows attackers to exploit the vulnerability to gain system privileges.
  2. CVE-2023-36761Microsoft Word Information Disclosure Vulnerability. This vulnerability can be exploited by attackers to disclose NTLM hashes.
SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

Mastodon