Microsoft fixed one actively exploited vulnerability in its August patch Tuesday releases, along with 72 other bugs.
Three separate campaigns are targeting the critical flaw (CVE-2023-3519) in Citris NetScaler ADC and Gateway devices.
According to the White House, in last year’s academic year at least eight K-12 school districts in the U.S. were impacted by significant cyberattacks, and four of those caused schools to cancel classes or close completely.
Microsoft was criticized after it took five months to fully patch an issue in its Power platform.
An analysis by CISA of commonly exploited vulnerabilities in 2022 shows that most of the targeted flaws are at least a year old and many are much older than that.