Microsoft’s October security update for multiple high-risk product vulnerabilities

Microsoft’s October security update for multiple high-risk product vulnerabilities

October 12, 2023 | NSFOCUS

Overview

On October 11, NSFOCUS CERT monitored that Microsoft had released a security update patch for October, fixing 104 security problems, involving Microsoft WordPad, Skype for Business, Windows Layer 2 Tunneling Protocol, Microsoft Message Queuing and other widely used products, including high-risk vulnerability types such as privilege enhancement, remote code execution, etc.

Among the vulnerabilities fixed in Microsoft’s monthly updates this month, there are 12 critical vulnerabilities and 92 important vulnerabilities. This includes three vulnerabilities that exist in the wild:

  • Skype for Business Privilege Escalation Vulnerability (CVS 2023-41763)
  • Microsoft WordPad Information Disclosure Vulnerability (CVE-2023-36563)
  • MITRE: CVE-2023-44487-HTTP/2 Quick Reset Attack

Please update the patch as soon as possible. Please refer to the appendix for a complete list of vulnerabilities.

Reference link:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Oct

Key Vulnerabilities

Skype for Business privilege escalation vulnerability (CVS 2023-41763):

Skype for Business has a privilege escalation vulnerability, which allows remote attackers without authentication to make specialized network calls to the target Skype for Business server, potentially causing HTTP requests sent to arbitrary addresses to be parsed, revealing the IP address and port number to the attacker. Attackers who successfully exploit this vulnerability can view sensitive information, and in some cases, the exposed sensitive information can provide access to the internal network. The vulnerability has been publicly disclosed and has been exploited in the wild.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-41763

Microsoft WordPad Information Disclosure Vulnerability (CVS 2023-36563):

There is an information leakage vulnerability in Microsoft WordPad, which allows remote attackers who do not require authentication to exploit the vulnerability by running a crafted application or inducing local users to open malicious files after logging into the system. Successful exploitation of this vulnerability can result in NTLM hash leakage. The vulnerability has been publicly disclosed and has been exploited in the wild, with a CVSS score of 6.5.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36563

MITRE: CVE-2023-44487-HTTP/2 Quick Reset Attack

Microsoft has released mitigation measures for DDoS attacks on HTTP/2, known as the “HTTP/2 Rapid Reset”. This attack abuses the HTTP/2 stream cancellation function to continuously send and cancel requests, causing the target server/application to run out of resources and cause a denial of service. This vulnerability has been widely exploited since August.

Official reference link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-44487

Windows Layer 2 Tunneling Protocol Remote Code Execution Vulnerability (CVE-2023-41770/CVE-2023-41765/CVE-2023-41767/CVE-2023-38166/CVE-2023-41774/CVE-2023-41773/CVE-2023-41771/CVE-2023-41769/CVE-2023-41768):

Unauthenticated remote attackers can cause remote code execution on the RAS server computer by sending crafted protocol messages to the Routing and Remote Access Service (RRAS) server. Successful exploitation of this vulnerability requires the attacker to win competitive conditions. The CVSS score is 8.1.

Official link announcement:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41770

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41765

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41767

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-38166

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41774

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41773

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41771

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41769

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-41768

Microsoft Message Queuing Remote Code Execution Vulnerability (CVS 2023-35349):

There is a remote code execution vulnerability in Microsoft Message Queuing, which allows unauthenticated remote attackers to remotely execute code on the target server when the Message Queuing service is enabled. The CVSS score is 9.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-35349

Microsoft Message Queuing Remote Code Execution Vulnerability (CVS 2023-36697):

There is a remote code execution vulnerability in Microsoft Message Queuing, which allows authenticated domain users to remotely execute code on the target server. However, attackers need to induce the victim user to connect to a malicious server or disrupt the legitimate MSMQ server host and make it run as a malicious server. The CVSS score is 6.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36697

Microsoft Virtual Trusted Platform Module (TPM) Remote Code Execution Vulnerability (CVS 2023-36718):

A local attacker with low privileges can successfully exploit this vulnerability to execute arbitrary code on the target system without user interaction. The CVSS score is 7.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36718

Scope of Impact

The following are some affected product versions that focus on vulnerabilities. For other product ranges affected by vulnerabilities, please refer to the official announcement link.

Vulnerability numberAffected product version
CVE-2023-41763Skype for Business Server 2019 CU7
Skype for Business Server 2015 CU13
CVE-2023-36563Windows Server 2008 R2 for x64 based Systems Service Pack 1
Windows Server 2008 for x64 based Systems Service Pack 2 (Server Core Installation)
Windows Server 2008 for x64 based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core Installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core Installation)
Windows Server 2016
Windows 10 Version 1607 for x64 based Systems
Windows Server 2019
Windows 10 Version 1809 for ARM64 based Systems
Windows 10 Version 1809 for x64 based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64 based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64 based Systems
Windows 10 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for ARM64 based Systems
Windows 10 Version 21H2 for x64 based Systems
Windows 10 Version 21H2 for ARM64 based Systems
Windows 10 Version 21H2 for 32 bit Systems
Windows 11 version 21H2 for ARM64 based Systems
Windows 11 version 21H2 for x64 based Systems
Windows Server 2022 (Server Core Installation)
Windows Server 2022 Windows Server 2019 (Server Core Installation)
Windows Server 2012 R2 (Server Core Installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core Installation)
Windows Server 2012
Windows Server 2008 R2 for x64 based Systems Service Pack 1 (Server Core Installation)
CVE-2023-44487Windows Server 2016 (Server Core Installation)
Windows Server 2016
Windows 10 Version 1607 for x64 based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64 based Systems
Windows 10 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for ARM64 based Systems
Windows 10 Version 21H2 for x64 based Systems
Windows 10 Version 21H2 for ARM64 based Systems
Windows 10 Version 21H2 for 32 bit Systems
Windows 11 version 21H2 for ARM64 based Systems
Windows 11 version 21H2 for x64 based Systems
Windows Server 2022 (Server Core Installation)
Windows Server 2022
Windows Server 2019 (Server Core Installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64 based Systems
Windows 10 Version 1809 for x64 based Systems
Windows 10 Version 1809 for 32-bit Systems ASP. NET Core 7.0
Microsoft Visual Studio 2022 version 17.7
Microsoft Visual Studio 2022 version 17.6
Microsoft Visual Studio 2022 version 17.4
Microsoft Visual Studio 2022 version 17.2
. NET 7.0
ASP.
NET Core 6.0
. NET 6.0
CVE-2023-41770
CVE-2023-41765
CVE-2023-41767
CVE-2023-38166
CVE-2023-41774
CVE-2023-41773
CVE-2023-41771
CVE-2023-41769
CVE-2023-41768
CVE-2023-35349
CVE-2023-36697
Windows Server 2012 R2 (Server Core Installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core Installation)
Windows Server 2012
Windows Server 2008 R2 for x64 based Systems Service Pack 1 (Server Core Installation)
Windows Server 2008 R2 for x64 based Systems Service Pack 1
Windows Server 2008 for x64 based Systems Service Pack 2 (Server Core Installation)
Windows Server 2008 for x64 based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core Installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core Installation)
Windows Server 2016
Windows 10 Version 1607 for x64 based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64 based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64 based Systems
Windows 10 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for ARM64 based Systems
Windows 10 Version 21H2 for x64 based Systems
Windows 10 Version 21H2 for ARM64 based Systems
Windows 10 Version 21H2 for 32 bit Systems
Windows 11 version 21H2 for ARM64 based Systems
Windows 11 version 21H2 for x64 based Systems
Windows Server 2022 (Server Core Installation)
Windows Server 2022
Windows Server 2019 (Server Core Installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64 based Systems
Windows 10 Version 1809 for x64 based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2023-36718Windows 10 Version 21H2 for x64 based Systems
Windows 11 version 21H2 for ARM64 based Systems
Windows 11 version 21H2 for x64 based Systems
Windows Server 2022 (Server Core Installation)
Windows Server 2022
Windows Server 2019 (Server Core Installation)
Windows Server 2019
Windows 10 Version 1809 for x64 based Systems
Windows Server 2016 (Server Core Installation)
Windows Server 2016
Windows 10 Version 1607 for x64 based Systems
Windows 10 for x64 based Systems
Windows 10 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for x64 based Systems
Windows 11 Version 22H2 for ARM64 based Systems

Mitigation

At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install the patch as soon as possible for protection. The official download link is:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Oct

Note: Due to network problems, computer environment problems and other reasons, the patch update of Windows Update may fail. After installing the patch, users should promptly check whether the patch has been successfully updated.

The mitigation measures for the quick reset attack on CVE-2023 44487-HTTP/2 can be found in: https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/

Appendix: Vulnerability List

ProductCVE number VulnerabilitySeverity
Windows Layer 2 Tunneling ProtocolCVE-2023-41770Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41765Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41767Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-38166Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41774Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41773Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41771Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41769Layer 2 Tunneling Protocol Remote Execution Code VulnerabilityCritical
Windows Layer 2 Tunneling ProtocolCVE-2023-41768Layer 2 Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Message QueuingCVE-2023-35349Microsoft Message Queuing Remote Code Execution VulnerabilityCritical
Windows Message QueuingCVE-2023-36697Microsoft Message Queuing Remote Execution Code VulnerabilityCritical
Windows Virtual Trusted Platform ModuleCVE-2023-36718Microsoft Virtual Trusted Platform Module Remote Code Execution VulnerabilityCritical
Active Directory Domain ServicesCVE-2023-36722Active Directory Domain Service Information Disclosure VulnerabilityImportant
AzureCVE-2023-36737Azure Network Observer VM Agent Privilege Escalation VulnerabilityImportant
AzureCVE-2023-36419Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege VulnerabilityImportant
Azure DevOpsCVE-2023-36561Azure DevOps Server Privilege Escalation VulnerabilityImportant
Azure Real Time Operating SystemCVE-2023-36418Azure RTOS GUIX Studio Remote Code Execution VulnerabilityImportant
Azure SDKCVE-2023-36414Azure Identity SDK Remote Execution Code VulnerabilityImportant
Azure SDKCVE-2023-36415Azure Identity SDK Remote Execution Code VulnerabilityImportant
Client Server Run time Subsystem (CSRSS)CVE-2023-41766Windows client server runtime subsystem (CSRSS) privilege escalation vulnerabilityImportant
HTTP/2CVE-2023-44487MITRE: CVS 2023-44487 HTTP/2 Quick Reset AttackImportant
Microsoft Common Data Model SDKCVE-2023-36566Microsoft Common Data Model SDK Denial of Service VulnerabilityImportant
Microsoft DynamicsCVE-2023-36429Microsoft Dynamics 365 (Local) Information Disclosure VulnerabilityImportant
Microsoft DynamicsCVE-2023-36416Microsoft Dynamics 365 (Local) Cross Site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2023-36433Microsoft Dynamics 365 (Local) Information Disclosure VulnerabilityImportant
Microsoft Exchange ServerCVE-2023-36778Microsoft Exchange Server Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2023-36594Windows Graphics Component Privilege Escalation VulnerabilityImportant
Microsoft Graphics ComponentCVS 2023-38159Windows Graphics Component Privilege Escalation VulnerabilityImportant
Microsoft OfficeCVE-2023-36565Microsoft Office Graphics Privilege Escalation VulnerabilityImportant
Microsoft OfficeCVE-2023-36569Microsoft Office Privilege Escalation VulnerabilityImportant
Microsoft OfficeCVE-2023-36568Microsoft Office Click and Play Privilege Escalation VulnerabilityImportant
Microsoft QUICCVE-2023-38171Microsoft QUIC Denial of Service VulnerabilityImportant
Microsoft QUICCVE-2023-36435Microsoft QUIC Denial of Service VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2023-36577SQL Server Remote Execution Code Vulnerability in Microsoft WDAC OLE DB ProviderImportant
Microsoft Windows Media FoundationCVE-2023-36710Windows Media Foundation Core Remote Code Execution VulnerabilityImportant
Microsoft Windows Search ComponentCVE-2023-36564Windows Search Security Feature Bypass VulnerabilityImportant
Microsoft WordPadCVE-2023-36563Microsoft Wordpad Information Disclosure VulnerabilityImportant
Skype for BusinessCVE-2023-36786Skype Business Remote Execution Code VulnerabilityImportant
Skype for BusinessCVE-2023-36780Skype Business Remote Execution Code VulnerabilityImportant
Skype for BusinessCVE-2023-36789Skype Business Remote Execution Code VulnerabilityImportant
Skype for BusinessCVE-2023-41763Skype for Business privilege escalation vulnerabilityImportant
SQL ServerCVE-2023-36728Microsoft SQL Server Denial of Service VulnerabilityImportant
SQL ServerCVE-2023-36417Microsoft SQL ODBC Driver Remote Execution Code VulnerabilityImportant
SQL ServerCVE-2023-36785Microsoft SQL Server Remote Code Execution ODBC Driver VulnerabilityImportant
SQL ServerCVE-2023-36598Microsoft WDAC ODBC Driver Remote Execution Code VulnerabilityImportant
SQL ServerCVE-2023-36730Microsoft SQL Server Remote Code Execution ODBC Driver VulnerabilityImportant
SQL ServerCVE-2023-36420Microsoft SQL Server Remote Code Execution ODBC Driver VulnerabilityImportant
Windows Active Template LibraryCVE-2023-36585Activity Template Library Denial of Service VulnerabilityImportant
Windows AllJoyn APICVE-2023-36709Microsoft AllJoyn API Denial of Service VulnerabilityImportant
Windows Client/Server Runtime SubsystemCVE-2023-36902Windows Runtime Remote Code Execution VulnerabilityImportant
Windows Common Log File System DriverCVE-2023-36713Windows Common Log File System Driver Information Disclosure VulnerabilityImportant
Windows Container Manager ServiceCVE-2023-36723Windows Container Manager Service Privilege Escalation VulnerabilityImportant
Windows Deployment ServicesCVE-2023-36707Windows Deployment Services Denial of Service VulnerabilityImportant
Windows Deployment ServicesCVE-2023-36567Windows Deployment Services Information Disclosure VulnerabilityImportant
Windows Deployment ServicesCVE-2023-36706Windows Deployment Services Information Disclosure VulnerabilityImportant
Windows DHCP ServerCVE-2023-36703DHCP Server Service Denial of Service VulnerabilityImportant
Windows Error ReportingCVE-2023-36721Windows Error Reporting Service Privilege Escalation VulnerabilityImportant
Windows HTML PlatformCVE-2023-36436Windows MSHTML Platform Remote Code Execution VulnerabilityImportant
Windows HTML PlatformCVE-2023-36557PrintHTML API Remote Code Execution VulnerabilityImportant
Windows IISCVE-2023-36434Windows IIS Server Privilege Escalation VulnerabilityImportant
Windows IKE ExtensionCVE-2023-36726Windows Internet Key Exchange (IKE) Extended Privilege Escalation VulnerabilityImportant
Windows KernelCVE-2023-36576Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2023-36712Windows kernel privilege escalation vulnerabilityImportant
Windows KernelCVE-2023-36698Windows kernel security feature bypass vulnerabilityImportant
Windows Mark of the Web (MOTW)CVE-2023-36584Windows Mark of the Web Security Feature Bypass VulnerabilityImportant
Windows Message QueuingCVE-2023-36571Microsoft Message Queuing Remote Code Execution VulnerabilityImportant
Windows Message QueuingCVE-2023-36570Microsoft Message Queuing Remote Code Execution VulnerabilityImportant
Windows Message QueuingCVE-2023-36431Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2023-36591Microsoft Message Queuing Remote Code Execution VulnerabilityImportant
Windows Message QueuingCVE-2023-36590Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36589Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36583Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36592Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36606Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2023-36593Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36582Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36574Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36575Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36573Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36572Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Message QueuingCVE-2023-36581Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2023-36579Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2023-36578Microsoft Message Queuing Remote Execution Code VulnerabilityImportant
Windows Microsoft DirectMusicCVE-2023-36702Microsoft Direct Music Remote Execution Code VulnerabilityImportant
Windows Mixed Reality Developer ToolsCVE-2023-36720Windows Hybrid Reality Developer Tool Denial of Service VulnerabilityImportant
Windows Named Pipe File SystemCVE-2023-36729Naming Pipeline File System Permission Escalation VulnerabilityImportant
Windows Named Pipe File SystemCVE-2023-36605Windows Named Pipeline File System Privilege Escalation VulnerabilityImportant
Windows NT OS KernelCVE-2023-36725Windows kernel privilege escalation vulnerabilityImportant
Windows Power Management ServiceCVE-2023-36724Windows Power Management Service Information Disclosure VulnerabilityImportant
Windows RDPCVE-2023-36790Windows RDP Encoder Mirror Driver Privilege Escalation VulnerabilityImportant
Windows RDPCVS 2023-29348Windows Remote Desktop Gateway (RD Gateway) Information Disclosure VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-36596Remote Procedure Call Information Disclosure VulnerabilityImportant
Windows Resilient File System (ReFS)CVE-2023-36701Microsoft Resilient File System (ReFS) Permission Escalation VulnerabilityImportant
Windows Runtime C++Template LibraryCVE-2023-36711Windows runtime C++template library privilege escalation vulnerabilityImportant
Windows Setup Files CleanupCVE-2023-36704Windows Installer File Cleanup Remote Execution Code VulnerabilityImportant
Windows TCP/IPCVE-2023-36438Windows TCP/IP Information Disclosure VulnerabilityImportant
Windows TCP/IPCVE-2023-36603Windows TCP/IP Denial of Service VulnerabilityImportant
Windows TCP/IPCVE-2023-36602Windows TCP/IP Denial of Service VulnerabilityImportant
Windows TPMCVE-2023-36717Windows Virtual Trusted Platform Module Denial of Service VulnerabilityImportant
Windows Win32KCVE-2023-36731Win32k privilege escalation vulnerabilityImportant
Windows Win32KCVE-2023-36732Win32k privilege escalation vulnerabilityImportant
Windows Win32KCVE-2023-36776Win32k privilege escalation vulnerabilityImportant
Windows Win32KCVE-2023-36743Win32k privilege escalation vulnerabilityImportant
Windows Win32KCVE-2023-41772Win32k privilege escalation vulnerabilityImportant

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.

NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).

A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.