
The vulnerability is tracked as CVE-2023-36563, an information disclosure bug with a severity score of 6.5.

It's apparently one of two flaws being abused in the wild right now.

A screenshot at an angle of WordPad, an old Windows software.

In both scenarios, the end goal is the same - to take control of the affected endpoint.

The workaround includes blocking outbound NTLM-over-SMB on Windows 11.

The second vulnerability being abused by threat actors is a privilege escalation flaw found in Skype for Business.

Tracked as CVE-2023-41763, it carries a severity score of 5.3 and could lead to information disclosure.
