Skip to content

Microsoft Streaming Service Vulnerability Exploited - 20240212001

Overview

Microsoft Streaming Service Proxy with high local privilege escalation vulnerabilities have been reported exploited by the new Raspberry Robin campaign. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

What is the vulnerability?

CVE ID Severity CVSS Exploitation Dated
CVE-2023-29360 High 8.4 Yes 29 Feb,2024

What is vulnerable?

Product(s) Affected Versions
- Microsoft Windows 10 Version 1809, 32-bit Systems, x64-based Systems, ARM64-based Systems
- Microsoft Windows Server 2019, x64-based Systems
- Microsoft Windows Server 2019 (Server Core installation), x64-based Systems
versions 10.0.0 to 10.0.17763.4499
- Microsoft Windows Server 2022, x64-based Systems versions 10.0.0 to 10.0.20348.1787
versions 10.0.0 to 10.0.20348.1784
- Microsoft Windows 11 version 21H2, x64-based Systems, ARM64-based Systems versions 10.0.0 to 10.0.22000.2057
- Microsoft Windows 10 Version 21H2, 32-bit Systems, ARM64-based Systems versions 10.0.0 to 10.0.19044.3086
- Microsoft Windows 11 version 22H2, ARM64-based Systems, x64-based Systems versions 10.0.0 to 10.0.22621.1848
- Microsoft Windows 10 Version 22H2, x64-based Systems, ARM64-based Systems, 32-bit Systems versions 10.0.0 to 10.0.19045.3086
- Microsoft Windows 10 Version 1607, x64-based Systems, ARM64-based Systems, 32-bit Systems versions 10.0.0 to 10.0.14393.5989
- Microsoft Windows Server 2016, x64-based Systems versions 10.0.0 to 10.0.14393.5989
- Microsoft Windows Server 2016 (Server Core installation), x64-based Systems versions 10.0.0 to 10.0.14393.5989

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours (refer Patch Management):