July 2023 Microsoft Patch Update

Published: 2023-07-11. Last Updated: 2023-07-11 20:37:11 UTC
by Scott Fendley (Version: 1)

Today's Microsoft patch Tuesday addresses 132 vulnerabilities. Nine of the vulnerabilities are rated as Critical, and 6 of these are listed as exploited prior in the wild.

In particular, CVE-2023-36884 includes a remote code execution vulnerability via Microsoft Word documents and was linked to the Storm-0978 threat actor. Microsoft Threat Intelligence has a blog entry which discusses this situation. Take special note of the mitigations which are recommended, as updates will likely be released out-of-cycle for this one.

Other exploited vulnerabilities include:

CVE-2023-35311 is a Microsoft Outlook Security Feature bypass which was being exploited in the wild which worked in the preview pane and bypasses security warning.

CVE-2023-32046 is an actively exploited privilege elevation vulnerability in Windows MSHTML which could be exploited by opening a specially crafted file in email or a malicious website.

CVE-2023-32049 is a security feature bypass vulnerability with Windows SmartScreen which was being exploited to prevent the Open File - Security Warning prompt when downloading/opening files from the Internet.

CVE-2023-36874 is an actively exploited privilege escalation flaw which could allow threat actors to gain local administrator privileges. Attackers would need to have local access to the targeted machine and the user be able to create folder and performance traces to fully exploit this vulnerability.

Microsoft also issued a high-impact advisory (ADV230001) where attackers where abusing the drivers being certified by Microsoft's Windows Hardware Developer Program (MWHDP) as a post-exploitation activity. The implicated developer accounts were suspected, and Microsoft has taken steps to untrust drivers which were improperly certified.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33127	No	No	-	-	Important	8.1	7.3
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
CVE-2023-33170	No	No	-	-	Important	8.1	7.3
Active Directory Federation Service Security Feature Bypass Vulnerability
CVE-2023-35348	No	No	-	-	Important	7.5	6.5
Active Template Library Elevation of Privilege Vulnerability
CVE-2023-32055	No	No	-	-	Important	6.7	5.8
Azure Active Directory Security Feature Bypass Vulnerability
CVE-2023-36871	No	No	-	-	Important	6.5	6.0
Azure Service Fabric on Windows Information Disclosure Vulnerability
CVE-2023-36868	No	No	-	-	Important	6.5	5.7
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
CVE-2023-35320	No	No	-	-	Important	7.8	6.8
CVE-2023-35353	No	No	-	-	Important	7.8	6.8
Guidance on Microsoft Signed Drivers Being Used Maliciously
ADV230001	No	Yes	-	-	None
HTTP.sys Denial of Service Vulnerability
CVE-2023-32084	No	No	-	-	Important	7.5	6.5
CVE-2023-35298	No	No	-	-	Important	7.5	6.5
MediaWiki PandocUpload Extension Remote Code Execution Vulnerability
CVE-2023-35333	No	No	-	-	Important	8.8	7.7
Microsoft ActiveX Remote Code Execution Vulnerability
CVE-2023-33152	No	No	-	-	Important	7.0	6.1
Microsoft Defender Elevation of Privilege Vulnerability
CVE-2023-33156	No	No	-	-	Important	6.3	5.5
Microsoft DirectMusic Information Disclosure Vulnerability
CVE-2023-35341	No	No	-	-	Important	6.2	5.4
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-33171	No	No	-	-	Important	8.2	7.1
CVE-2023-35335	No	No	-	-	Important	8.2	7.1
Microsoft Excel Information Disclosure Vulnerability
CVE-2023-33162	No	No	-	-	Important	5.5	4.8
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33158	No	No	-	-	Important	7.8	6.8
CVE-2023-33161	No	No	-	-	Important	7.8	6.8
Microsoft Failover Cluster Information Disclosure Vulnerability
CVE-2023-32083	No	No	-	-	Important	6.5	5.7
Microsoft Failover Cluster Remote Code Execution Vulnerability
CVE-2023-32033	No	No	-	-	Important	6.6	5.8
Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules
ADV230002	No	No	Less Likely	Less Likely	Important
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2023-35347	No	No	-	-	Important	7.1	6.2
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-32044	No	No	-	-	Important	7.5	6.5
CVE-2023-32045	No	No	-	-	Important	7.5	6.5
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-32057	No	No	-	-	Critical	9.8	8.5
CVE-2023-35309	No	No	-	-	Important	7.5	6.5
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-32038	No	No	-	-	Important	8.8	7.7
Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-33148	No	No	-	-	Important	7.8	6.8
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2023-33149	No	No	-	-	Important	7.8	6.8
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-33150	No	No	-	-	Important	9.6	8.3
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-33153	No	No	-	-	Important	6.8	5.9
Microsoft Outlook Security Feature Bypass Vulnerability
CVE-2023-35311	No	Yes	-	-	Important	8.8	8.2
Microsoft Outlook Spoofing Vulnerability
CVE-2023-33151	No	No	-	-	Important	6.5	5.7
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-32039	No	No	-	-	Important	5.5	4.8
CVE-2023-32040	No	No	-	-	Important	5.5	4.8
CVE-2023-35324	No	No	-	-	Important	5.5	4.8
CVE-2023-32085	No	No	-	-	Important	5.5	4.8
CVE-2023-35296	No	No	-	-	Important	6.5	5.7
CVE-2023-35306	No	No	-	-	Important	5.5	4.8
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-35302	No	No	-	-	Important	8.8	7.7
Microsoft Power Apps Spoofing Vulnerability
CVE-2023-32052	No	No	-	-	Important	5.4	4.7
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2023-33157	No	No	-	-	Critical	8.8	7.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-33134	No	No	-	-	Important	8.8	7.7
CVE-2023-33160	No	No	-	-	Critical	8.8	7.7
Microsoft SharePoint Server Security Feature Bypass Vulnerability
CVE-2023-33165	No	No	-	-	Important	4.3	3.8
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-33159	No	No	-	-	Important	8.8	7.7
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
CVE-2023-35312	No	No	-	-	Important	7.8	6.8
Mono Authenticode Validation Spoofing Vulnerability
CVE-2023-35373	No	No	-	-	Important	5.3	4.8
OLE Automation Information Disclosure Vulnerability
CVE-2023-32042	No	No	-	-	Important	6.5	5.7
Office and Windows HTML Remote Code Execution Vulnerability
CVE-2023-36884	Yes	Yes	-	-	Important	8.3	8.1
Paint 3D Remote Code Execution Vulnerability
CVE-2023-32047	No	No	-	-	Important	7.8	6.8
CVE-2023-35374	No	No	-	-	Important	7.8	6.8
Raw Image Extension Remote Code Execution Vulnerability
CVE-2023-32051	No	No	-	-	Important	7.8	6.8
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-33166	No	No	-	-	Important	6.5	5.7
CVE-2023-33167	No	No	-	-	Important	6.5	5.7
CVE-2023-33168	No	No	-	-	Important	6.5	5.7
CVE-2023-33169	No	No	-	-	Important	6.5	5.7
CVE-2023-33172	No	No	-	-	Important	6.5	5.7
CVE-2023-33173	No	No	-	-	Important	6.5	5.7
CVE-2023-32034	No	No	-	-	Important	6.5	5.7
CVE-2023-32035	No	No	-	-	Important	6.5	5.7
CVE-2023-35314	No	No	-	-	Important	6.5	5.7
CVE-2023-35318	No	No	-	-	Important	6.5	5.7
CVE-2023-35319	No	No	-	-	Important	6.5	5.7
CVE-2023-33164	No	No	-	-	Important	6.5	5.7
Remote Procedure Call Runtime Information Disclosure Vulnerability
CVE-2023-35316	No	No	-	-	Important	6.5	5.7
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-35300	No	No	-	-	Important	8.8	7.7
USB Audio Class System Driver Remote Code Execution Vulnerability
CVE-2023-35303	No	No	-	-	Important	8.8	7.7
VP9 Video Extensions Information Disclosure Vulnerability
CVE-2023-36872	No	No	Less Likely	Less Likely	Important	5.5	4.8
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
CVE-2023-36867	No	No	-	-	Important	7.8	7.0
Volume Shadow Copy Elevation of Privilege Vulnerability
CVE-2023-32054	No	No	-	-	Important	7.3	6.4
Win32k Elevation of Privilege Vulnerability
CVE-2023-35337	No	No	-	-	Important	7.8	6.8
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
CVE-2023-35350	No	No	-	-	Important	7.2	6.3
CVE-2023-35351	No	No	-	-	Important	6.6	5.8
Windows Admin Center Spoofing Vulnerability
CVE-2023-29347	No	No	Less Likely	Less Likely	Important	8.7	7.6
Windows Authentication Denial of Service Vulnerability
CVE-2023-35329	No	No	-	-	Important	6.5	5.7
Windows CDP User Components Information Disclosure Vulnerability
CVE-2023-35326	No	No	-	-	Important	5.5	4.8
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2023-35340	No	No	-	-	Important	7.8	6.8
Windows Clip Service Elevation of Privilege Vulnerability
CVE-2023-35362	No	No	-	-	Important	7.8	6.8
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-33155	No	No	-	-	Important	7.8	6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-35299	No	No	-	-	Important	7.8	6.8
Windows CryptoAPI Denial of Service Vulnerability
CVE-2023-35339	No	No	-	-	Important	7.5	6.5
Windows Cryptographic Information Disclosure Vulnerability
CVE-2023-33174	No	No	-	-	Important	5.5	4.8
Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-35344	No	No	-	-	Important	6.6	5.8
CVE-2023-35345	No	No	-	-	Important	6.6	5.8
CVE-2023-35346	No	No	-	-	Important	6.6	5.8
CVE-2023-35310	No	No	Less Likely	Less Likely	Important	6.6	5.8
Windows Deployment Services Denial of Service Vulnerability
CVE-2023-35321	No	No	-	-	Important	6.5	5.7
Windows Deployment Services Remote Code Execution Vulnerability
CVE-2023-35322	No	No	-	-	Important	8.8	7.7
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-36874	No	Yes	-	-	Important	7.8	6.8
Windows Extended Negotiation Denial of Service Vulnerability
CVE-2023-35330	No	No	-	-	Important	7.5	6.5
Windows Geolocation Service Remote Code Execution Vulnerability
CVE-2023-35343	No	No	-	-	Important	7.8	6.8
Windows Image Acquisition Elevation of Privilege Vulnerability
CVE-2023-35342	No	No	-	-	Important	7.8	6.8
Windows Installer Elevation of Privilege Vulnerability
CVE-2023-32050	No	No	-	-	Important	7.0	6.1
CVE-2023-32053	No	No	-	-	Important	7.8	6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35356	No	No	-	-	Important	7.8	6.8
CVE-2023-35357	No	No	-	-	Important	7.8	6.8
CVE-2023-35358	No	No	-	-	Important	7.8	6.8
CVE-2023-35360	No	No	-	-	Important	7.0	6.1
CVE-2023-35361	No	No	-	-	Important	7.0	6.1
CVE-2023-35363	No	No	-	-	Important	7.8	6.8
CVE-2023-35364	No	No	-	-	Important	8.8	7.7
CVE-2023-35304	No	No	-	-	Important	7.8	6.8
CVE-2023-35305	No	No	-	-	Important	7.8	6.8
Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability
CVE-2023-32037	No	No	-	-	Important	6.5	5.7
Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
CVE-2023-35315	No	No	-	-	Critical	8.8	7.7
Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVE-2023-35331	No	No	-	-	Important	6.5	5.7
Windows MSHTML Platform Elevation of Privilege Vulnerability
CVE-2023-32046	No	Yes	-	-	Important	7.8	6.8
Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2023-35336	No	No	-	-	Important	6.5	5.7
CVE-2023-35308	No	No	-	-	Important	6.5	5.7
Windows Netlogon Information Disclosure Vulnerability
CVE-2023-21526	No	No	-	-	Important	7.4	6.4
Windows Network Load Balancing Remote Code Execution Vulnerability
CVE-2023-33163	No	No	-	-	Important	7.5	6.5
Windows OLE Remote Code Execution Vulnerability
CVE-2023-35323	No	No	-	-	Important	7.8	6.8
Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability
CVE-2023-35313	No	No	-	-	Important	7.8	6.8
Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2023-33154	No	No	-	-	Important	7.8	6.8
Windows Peer Name Resolution Protocol Denial of Service Vulnerability
CVE-2023-35338	No	No	-	-	Important	7.5	6.5
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-35297	No	No	-	-	Critical	7.5	6.5
Windows Print Spooler Information Disclosure Vulnerability
CVE-2023-35325	No	No	-	-	Important	7.5	6.5
Windows Remote Desktop Protocol Security Feature Bypass
CVE-2023-35332	No	No	-	-	Important	6.8	5.9
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2023-32043	No	No	-	-	Important	6.8	5.9
CVE-2023-35352	No	No	-	-	Critical	7.5	6.5
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2023-35365	No	No	-	-	Critical	9.8	8.5
CVE-2023-35366	No	No	-	-	Critical	9.8	8.5
CVE-2023-35367	No	No	-	-	Critical	9.8	8.5
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
CVE-2023-35317	No	No	-	-	Important	7.8	6.8
CVE-2023-32056	No	No	-	-	Important	7.8	6.8
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-32049	No	Yes	-	-	Important	8.8	8.2
Windows Transaction Manager Elevation of Privilege Vulnerability
CVE-2023-35328	No	No	-	-	Important	7.8	6.8
Windows Update Orchestrator Service Information Disclosure Vulnerability
CVE-2023-32041	No	No	-	-	Important	5.5	4.8
Windows Win32k Elevation of Privilege Vulnerability
CVE-2023-21756	No	No	Less Likely	Less Likely	Important	7.8	6.8

Keywords:

0 comment(s)

Internet Storm Center

July 2023 Microsoft Patch Update

Comments