Due to the risks involved with these vulnerabilities, these updates should be tested and pushed to production environments as soon as policies allow. These attacks require initial access to be effective, and phishing emails are the most prominent method of gaining that first foothold. Ensuring that users know the risks of phishing emails and how to detect them can help protect an organization. Remote Code Execution and Privilege Escalation vulnerabilities are inevitable with the increasing complexity of modern IT systems, but a mature information security program can help ensure business continuity in the worst-case scenario.
Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21823
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23376
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21715
