{"id":49617,"date":"2023-10-11T16:20:52","date_gmt":"2023-10-11T15:20:52","guid":{"rendered":"https:\/\/www.n-able.com\/?p=49617"},"modified":"2023-10-19T14:38:23","modified_gmt":"2023-10-19T13:38:23","slug":"patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","title":{"rendered":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack"},"content":{"rendered":"<p class=\"p3\"><span class=\"s1\">October has arrived bringing with it pumpkin-spice versions of everything alongside Microsoft\u2019s latest release of Patch Tuesday fixes and updates. As always Patch Tuesday brings with it a new list of vulnerabilities that will need to be chased down and remediated through patching or mitigated through additional actions. The total amount of vulnerabilities and the risk they present ebbs and flows from month to month, leaving MSPs and sysadmins responsible for patch management with little certainty when it comes to planning resources. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft Vulnerabilities <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">Microsoft released security updates addressing a total of 103 vulnerabilities in Windows and other Microsoft products. Three (3) of them are classified as zero-days that are Under Active Exploitation. While the severity for each zero-day is only Important, the fact they are already used in active threat campaigns should raise them to the top of the list for anyone who has systems affected by these vulnerabilities. Luckily for most defenders, two (2) of the zero-days from this month aren\u2019t likely to impact them as they affect systems that are not in wide use. The third does have a very broad deployment base, but exploitation takes additional steps that reduces ease of use.<\/span><\/p>\n<p class=\"p3\"><span class=\"s1\">All three (3) zero-days from this month were also added to CISA\u2019s <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Known Exploited Vulnerabilities Catalog<\/span><\/a> on October 10<\/span><span class=\"s3\"><sup>th<\/sup><\/span><span class=\"s1\">, 2023 with a target mitigation date of October 31<\/span><span class=\"s3\"><sup>st<\/sup><\/span><span class=\"s1\">, 2023. If you are unfamiliar with CISA\u2019s KEV Catalog it lists, prioritizes, and provides remediation for vulnerabilities that are actively under exploitation or have been exploited in the past. It serves as a valuable reference for IT and cybersecurity professionals when it comes to systematically addressing vulnerabilities to reduce risk exposure. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-36563<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">A Microsoft WordPad vulnerability that can lead to unauthorized disclosure of NTLM hashes. Marked with a severity of Important, this zero-day vulnerability is reported to be Under Active Exploitation. Even though WordPad isn\u2019t used as a productivity tool in most organizations it has been present in Windows OS since Windows 95. Exploitation of this vulnerability requires an attacker to already have access to a system or convince an end-user to open a malicious file. <a href=\"mailto:https:\/\/www.n-able.com\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Microsoft addressed a similar vulnerability in Microsoft Word<\/span><\/a> last month. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-44487<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">This vulnerability affects HTTP\/2 protocol and allows an attacker to perform a <a href=\"https:\/\/www.n-able.com\/cyber-encyclopedia\/what-is-a-ddos-attack\">DDoS attack<\/a>. An active campaign has been leveraging this vulnerability since August 25<\/span><span class=\"s3\"><sup>th<\/sup><\/span><span class=\"s1\">, 2023 and represents the largest HTTP DDoS attack by a significant margin. <a href=\"https:\/\/blog.cloudflare.com\/technical-breakdown-http2-rapid-reset-ddos-attack\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Cloudflare<\/span><\/a> has the volume as three times bigger than the previous largest attack, and concerningly notes that this was achieved with a botnet of only 20,000 machines. Guidance from Microsoft is to apply updates with potential <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-44487\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">workarounds<\/span><\/a> available. Since this affects the HTTP\/2 protocol and is not limited to just Windows operating systems you will need to audit your environments to ensure you have mitigations or updates applied to any affected systems.<\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-41763 <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">This month\u2019s final Microsoft zero-day vulnerability affects Skype for Business with an elevation of privilege vulnerability. Successful attacks using this vulnerability could expose information such as IP addresses and port numbers to an attacker. Teams has been the favored solution over Skype for a few years so the deployment base of Skype has shrunk over the years, but there still may be remnants floating around in your environments. This is a great example of why it\u2019s important to remove applications that no longer have a business use case. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">Layer 2 Tunneling Protocol <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">There are nine (9) vulnerabilities affecting the same protocol that received fixes this month. All marked as Exploitation Less Likely, but with a severity rating of Critical, threat actors will likely be spending some effort over the next few days understanding how they can take advantage of these vulnerabilities. They have the potential to become part of attack campaigns that would allow attackers to perform remote code execution against RAS servers by winning a race condition. Applying updates to deal with these CVEs should be on your prioritization lists for the month. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft Patch Tuesday Vulnerability Prioritization <\/span><\/h2>\n<p class=\"p6\"><span class=\"s1\">Addressing vulnerabilities effectively requires a mix of adhering to established best practices and leveraging informed judgment. While it\u2019s a natural instinct to rank vulnerabilities with critical severity ratings higher on the list of things that need to be addressed, relying on severity ratings alone can be limiting. An often-overlooked component is temporal metrics, which provide a measure of the window of vulnerability\u2014the time from initial vulnerability discovery to the availability and application of the patch. This is essential as the longer a vulnerability exists without a fix, the greater the potential for exploitation. By integrating temporal metrics into the risk evaluation process, organizations can gain a more comprehensive understanding of the threat landscape and potential attack vectors, ensuring that they don\u2019t leave themselves open to unnecessary risks.<\/span><\/p>\n<p class=\"p6\"><em><span class=\"s1\"><b>Table Key:\u00a0<\/b>Severity:\u00a0C = Critical, I = Important, M = Moderate, R = Re-issue;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0N\/A = Not Available<\/span><\/em><\/p>\n<table cellspacing=\"0\" cellpadding=\"0\" class=\"t1\">\n<tbody>\n<tr>\n<td valign=\"top\" class=\"td1\" width=\"20%\">\n<p class=\"p7\"><strong><span class=\"s1\">CVE Number<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td2\" width=\"60%\">\n<p class=\"p7\"><strong><span class=\"s1\">CVE Title<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td3\" width=\"10%\" style=\"text-align: center;\">\n<p class=\"p7\"><strong><span class=\"s1\">Severity<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td4\" width=\"10%\" style=\"text-align: center;\">\n<p class=\"p7\"><strong><span class=\"s1\">Status<\/span><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-44487\" target=\"_blank\" rel=\"noopener\">CVE-2023-44487<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">MITRE: CVE-2023-44487 HTTP\/2 Rapid Reset Attack<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41763\" target=\"_blank\" rel=\"noopener\">CVE-2023-41763<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Skype for Business Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36563\" target=\"_blank\" rel=\"noopener\">CVE-2023-36563<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft WordPad Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41774\" target=\"_blank\" rel=\"noopener\">CVE-2023-41774<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41773\" target=\"_blank\" rel=\"noopener\">CVE-2023-41773<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41771\" target=\"_blank\" rel=\"noopener\">CVE-2023-41771<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41770\" target=\"_blank\" rel=\"noopener\">CVE-2023-41770<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41769\" target=\"_blank\" rel=\"noopener\">CVE-2023-41769<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41768\" target=\"_blank\" rel=\"noopener\">CVE-2023-41768<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41767\" target=\"_blank\" rel=\"noopener\">CVE-2023-41767<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41765\" target=\"_blank\" rel=\"noopener\">CVE-2023-41765<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38166\" target=\"_blank\" rel=\"noopener\">CVE-2023-38166<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36796\" target=\"_blank\" rel=\"noopener\">CVE-2023-36796<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36793\" target=\"_blank\" rel=\"noopener\">CVE-2023-36793<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36792\" target=\"_blank\" rel=\"noopener\">CVE-2023-36792<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36718\" target=\"_blank\" rel=\"noopener\">CVE-2023-36718<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36697\" target=\"_blank\" rel=\"noopener\">CVE-2023-36697<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Message Queuing Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36566\" target=\"_blank\" rel=\"noopener\">CVE-2023-36566<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Common Data Model SDK Denial of Service Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35349\" target=\"_blank\" rel=\"noopener\">CVE-2023-35349<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Message Queuing Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-41772\" target=\"_blank\" rel=\"noopener\">CVE-2023-41772<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38159\" target=\"_blank\" rel=\"noopener\">CVE-2023-38159<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36780\" target=\"_blank\" rel=\"noopener\">CVE-2023-36780<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Skype for Business Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36778\" target=\"_blank\" rel=\"noopener\">CVE-2023-36778<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Exchange Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36776\" target=\"_blank\" rel=\"noopener\">CVE-2023-36776<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36743\" target=\"_blank\" rel=\"noopener\">CVE-2023-36743<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36732\" target=\"_blank\" rel=\"noopener\">CVE-2023-36732<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36731\" target=\"_blank\" rel=\"noopener\">CVE-2023-36731<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36713\" target=\"_blank\" rel=\"noopener\">CVE-2023-36713<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Windows Common Log File System Driver Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36594\" target=\"_blank\" rel=\"noopener\">CVE-2023-36594<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-37967\" target=\"_blank\" rel=\"noopener\">CVE-2022-37967<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Windows Kerberos Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\" style=\"width: 126.997px;\">\n<p class=\"p8\"><span class=\"s4\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36794\" target=\"_blank\" rel=\"noopener\">CVE-2023-36794<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\" style=\"width: 575.99px;\">\n<p class=\"p9\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"width: 70px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"width: 53.9931px; text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">N\/A<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 class=\"p4\"><span class=\"s1\">Summary<\/span><\/h2>\n<p class=\"p6\"><span class=\"s1\">As always make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your\u00a0<a href=\"https:\/\/www.n-able.com\/features\/windows-patch-management\" target=\"_blank\" rel=\"noopener\"><span class=\"s5\">Patch Management<\/span><\/a>\u00a0routines.<\/span><\/p>\n<p class=\"p6\"><span class=\"s1\"><b>Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Reviews, then check out\u00a0<\/b><a href=\"https:\/\/www.n-able.com\/blog\/patch-management?filter_products=all#filtered\" target=\"_blank\" rel=\"noopener\"><span class=\"s5\"><b>this section of our blog<\/b><\/span><\/a><b>.<\/b>\u00a0<\/span><\/p>\n<p class=\"p6\"><span class=\"s1\">Lewis Pope is the Head Security Nerd at N&#8209;able. You can follow him on Twitter:\u00a0<a href=\"https:\/\/twitter.com\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s5\">@cybersec_nerd<\/span><\/a><\/span><\/p>\n<p class=\"p10\"><span class=\"s6\">LinkedIn:\u00a0<a href=\"https:\/\/www.linkedin.com\/in\/thesecuritypope\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\">thesecuritypope<\/span><\/a><\/span><\/p>\n<p class=\"p10\"><span class=\"s6\">Twitch:\u00a0<a href=\"https:\/\/www.twitch.tv\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\">cybersec_nerd<\/span><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>With Microsoft releasing security updates addressing a total of 103 vulnerabilities, Lewis Pope takes an in-depth look at what needs to be on your priority list.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-49617","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able<\/title>\n<meta name=\"description\" content=\"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able\" \/>\n<meta property=\"og:description\" content=\"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-11T15:20:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-19T13:38:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2501\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack\",\"datePublished\":\"2023-10-11T16:20:52+01:00\",\"dateModified\":\"2023-10-19T13:38:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\"},\"wordCount\":1263,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"es\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\",\"url\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\",\"name\":\"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es#website\"},\"datePublished\":\"2023-10-11T16:20:52+01:00\",\"dateModified\":\"2023-10-19T13:38:23+00:00\",\"description\":\"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/es\/blog\/category\/head-nerds-es\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/es#website\",\"url\":\"https:\/\/www.n-able.com\/es\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/es?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/es#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/es\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able","description":"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","og_locale":"es_ES","og_type":"article","og_title":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able","og_description":"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.","og_url":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2023-10-11T15:20:52+00:00","article_modified_time":"2023-10-19T13:38:23+00:00","og_image":[{"width":2501,"height":1309,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Lewis Pope","Tiempo de lectura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack","datePublished":"2023-10-11T16:20:52+01:00","dateModified":"2023-10-19T13:38:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack"},"wordCount":1263,"publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"es"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","url":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack","name":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/es#website"},"datePublished":"2023-10-11T16:20:52+01:00","dateModified":"2023-10-19T13:38:23+00:00","description":"With Microsoft releasing security updates addressing a total of 103 vulnerabilities, we look at what needs to be on your priority list.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-october-2023-http-2-rapid-reset-sets-record-ddos-attack#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/es\/blog\/category\/head-nerds-es"},{"@type":"ListItem","position":2,"name":"Patch Tuesday October 2023: HTTP\/2 Rapid Reset Sets Record DDoS Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/es#website","url":"https:\/\/www.n-able.com\/es","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/es?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/es#organization","name":"N-able","url":"https:\/\/www.n-able.com\/es","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/49617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/comments?post=49617"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/49617\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/media?parent=49617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}