I'm looking for help resolving a vulnerability identified as CVE-2023-28303 that affects the Windows Snipping Tool on Windows servers. I've been unable to find any relevant information about it. Is there a specific product or category I should check in the WSUS server to ensure I'm addressing this issue?
2 Answers
Just to add another point, this vulnerability also concerns information disclosure. If a snip hasn't been taken yet, there's no risk involved, so it's more about ensuring your software is updated to mitigate potential issues.
This vulnerability relates to Microsoft Store apps. Make sure you check your versions for Snip and Sketch on Windows 10 and the Snipping Tool on Windows 11. For Snip and Sketch, versions 10.2008.3001.0 or later include the necessary updates, while for the Snipping Tool on Windows 11, you need version 11.2302.20.0 or higher. You can find more details on the Microsoft Security Response Center's website.
I checked that page earlier, but the results from my OpenVAS scan still flagged the issue across multiple servers. I'm considering installing the Microsoft Store on my Windows servers to get the latest updates for the Snipping Tool.