The US Cybersecurity and Infrastructure Safety Company (CISA) has added a patched Microsoft vulnerability to its Recognized Exploited Vulnerabilities (KEV) database.
Microsoft’s latest August 2023 Patch Tuesday addressed numerous points, together with a vulnerability in .Internet and Visible Studio that Microsoft categorized as a proof-of-concept (PoC).
Noticed by The Hacker Information, it seems CISA disagrees with Microsoft’s classification. Whereas Microsoft flagged the vulnerability as “Exploitation Extra Probably,” CISA says the vulnerability has already been exploited, leading to it being added to the KEV catalog.
CISA has added one new vulnerability to its Recognized Exploited Vulnerabilities Catalog, based mostly on proof of lively exploitation.
For sure, organizations ought to take quick steps to use the required safety patch.