In its March Patch Tuesday release, Microsoft has fixed two vulnerabilities (CVE-2023-23397) and (CVE-2023-24880) that have been exploited in the wild.
In its February patch release, Microsoft fixed three vulnerabilities in Windows that have been actively exploited.
Play ransomware actors have been using a previously undocumented exploitation method for the ProxyNotShell Exchange flaws.
Researchers have found a malicious driver signed by Microsoft used in the lead up to Hive and Cuba ransomware deployments.
Microsoft did not give further details about the exploitation efforts against the flaws disclosed on Tuesday.