July 2023 Microsoft Patch Update
Today's Microsoft Patch Tuesday addresses 132 vulnerabilities. Nine of the vulnerabilities are rated as Critical, and 6 of these are listed as previously exploited in the wild.
In particular, CVE-2023-36884 is a remote code execution vulnerability exploited via Microsoft Word documents and was linked to the Storm-0978 threat actor. Microsoft Threat Intelligence has a blog entry which discusses this situation. Take special note of the recommended mitigations, as updates will likely be released out-of-cycle for this one.
Other exploited vulnerabilities include:
CVE-2023-35311 is a Microsoft Outlook security feature bypass which was being exploited in the wild. It worked in the preview pane and bypasses the security warning.
CVE-2023-32046 is an actively exploited privilege elevation vulnerability in Windows MSHTML which could be exploited by opening a specially crafted file in email or a malicious website.
CVE-2023-32049 is a security feature bypass vulnerability in Windows SmartScreen which was being exploited to prevent the Open File - Security Warning prompt from appearing when downloading/opening files from the Internet.
CVE-2023-36874 is an actively exploited privilege escalation flaw which could allow threat actors to gain local administrator privileges. To fully exploit this vulnerability, attackers would need local access to the targeted machine, and the user would need to be able to create folders and performance traces.
Microsoft also issued a high-impact advisory (ADV230001) where attackers were abusing drivers certified by Microsoft's Windows Hardware Developer Program (MWHDP) as a post-exploitation activity. The implicated developer accounts were suspended, and Microsoft has taken steps to untrust drivers which were improperly certified.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET and Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2023-33127 | No | No | - | - | Important | 8.1 | 7.3 |
ASP.NET and Visual Studio Security Feature Bypass Vulnerability | |||||||
CVE-2023-33170 | No | No | - | - | Important | 8.1 | 7.3 |
Active Directory Federation Service Security Feature Bypass Vulnerability | |||||||
CVE-2023-35348 | No | No | - | - | Important | 7.5 | 6.5 |
Active Template Library Elevation of Privilege Vulnerability | |||||||
CVE-2023-32055 | No | No | - | - | Important | 6.7 | 5.8 |
Azure Active Directory Security Feature Bypass Vulnerability | |||||||
CVE-2023-36871 | No | No | - | - | Important | 6.5 | 6.0 |
Azure Service Fabric on Windows Information Disclosure Vulnerability | |||||||
CVE-2023-36868 | No | No | - | - | Important | 6.5 | 5.7 |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||||
CVE-2023-35320 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35353 | No | No | - | - | Important | 7.8 | 6.8 |
Guidance on Microsoft Signed Drivers Being Used Maliciously | |||||||
ADV230001 | No | Yes | - | - | None | ||
HTTP.sys Denial of Service Vulnerability | |||||||
CVE-2023-32084 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2023-35298 | No | No | - | - | Important | 7.5 | 6.5 |
MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | |||||||
CVE-2023-35333 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft ActiveX Remote Code Execution Vulnerability | |||||||
CVE-2023-33152 | No | No | - | - | Important | 7.0 | 6.1 |
Microsoft Defender Elevation of Privilege Vulnerability | |||||||
CVE-2023-33156 | No | No | - | - | Important | 6.3 | 5.5 |
Microsoft DirectMusic Information Disclosure Vulnerability | |||||||
CVE-2023-35341 | No | No | - | - | Important | 6.2 | 5.4 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
CVE-2023-33171 | No | No | - | - | Important | 8.2 | 7.1 |
CVE-2023-35335 | No | No | - | - | Important | 8.2 | 7.1 |
Microsoft Excel Information Disclosure Vulnerability | |||||||
CVE-2023-33162 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2023-33158 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-33161 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Failover Cluster Information Disclosure Vulnerability | |||||||
CVE-2023-32083 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft Failover Cluster Remote Code Execution Vulnerability | |||||||
CVE-2023-32033 | No | No | - | - | Important | 6.6 | 5.8 |
Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules | |||||||
ADV230002 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Install Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-35347 | No | No | - | - | Important | 7.1 | 6.2 |
Microsoft Message Queuing Denial of Service Vulnerability | |||||||
CVE-2023-32044 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2023-32045 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Message Queuing Remote Code Execution Vulnerability | |||||||
CVE-2023-32057 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-35309 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-32038 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Office Elevation of Privilege Vulnerability | |||||||
CVE-2023-33148 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Office Graphics Remote Code Execution Vulnerability | |||||||
CVE-2023-33149 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Office Security Feature Bypass Vulnerability | |||||||
CVE-2023-33150 | No | No | - | - | Important | 9.6 | 8.3 |
Microsoft Outlook Remote Code Execution Vulnerability | |||||||
CVE-2023-33153 | No | No | - | - | Important | 6.8 | 5.9 |
Microsoft Outlook Security Feature Bypass Vulnerability | |||||||
CVE-2023-35311 | No | Yes | - | - | Important | 8.8 | 8.2 |
Microsoft Outlook Spoofing Vulnerability | |||||||
CVE-2023-33151 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | |||||||
CVE-2023-32039 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-32040 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-35324 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-32085 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-35296 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-35306 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-35302 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Power Apps Spoofing Vulnerability | |||||||
CVE-2023-32052 | No | No | - | - | Important | 5.4 | 4.7 |
Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
CVE-2023-33157 | No | No | - | - | Critical | 8.8 | 7.7 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2023-33134 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-33160 | No | No | - | - | Critical | 8.8 | 7.7 |
Microsoft SharePoint Server Security Feature Bypass Vulnerability | |||||||
CVE-2023-33165 | No | No | - | - | Important | 4.3 | 3.8 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2023-33159 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | |||||||
CVE-2023-35312 | No | No | - | - | Important | 7.8 | 6.8 |
Mono Authenticode Validation Spoofing Vulnerability | |||||||
CVE-2023-35373 | No | No | - | - | Important | 5.3 | 4.8 |
OLE Automation Information Disclosure Vulnerability | |||||||
CVE-2023-32042 | No | No | - | - | Important | 6.5 | 5.7 |
Office and Windows HTML Remote Code Execution Vulnerability | |||||||
CVE-2023-36884 | Yes | Yes | - | - | Important | 8.3 | 8.1 |
Paint 3D Remote Code Execution Vulnerability | |||||||
CVE-2023-32047 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35374 | No | No | - | - | Important | 7.8 | 6.8 |
Raw Image Extension Remote Code Execution Vulnerability | |||||||
CVE-2023-32051 | No | No | - | - | Important | 7.8 | 6.8 |
Remote Procedure Call Runtime Denial of Service Vulnerability | |||||||
CVE-2023-33166 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33167 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33168 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33169 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33172 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33173 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-32034 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-32035 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-35314 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-35318 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-35319 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-33164 | No | No | - | - | Important | 6.5 | 5.7 |
Remote Procedure Call Runtime Information Disclosure Vulnerability | |||||||
CVE-2023-35316 | No | No | - | - | Important | 6.5 | 5.7 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||||
CVE-2023-35300 | No | No | - | - | Important | 8.8 | 7.7 |
USB Audio Class System Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-35303 | No | No | - | - | Important | 8.8 | 7.7 |
VP9 Video Extensions Information Disclosure Vulnerability | |||||||
CVE-2023-36872 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | |||||||
CVE-2023-36867 | No | No | - | - | Important | 7.8 | 7.0 |
Volume Shadow Copy Elevation of Privilege Vulnerability | |||||||
CVE-2023-32054 | No | No | - | - | Important | 7.3 | 6.4 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2023-35337 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | |||||||
CVE-2023-35350 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2023-35351 | No | No | - | - | Important | 6.6 | 5.8 |
Windows Admin Center Spoofing Vulnerability | |||||||
CVE-2023-29347 | No | No | Less Likely | Less Likely | Important | 8.7 | 7.6 |
Windows Authentication Denial of Service Vulnerability | |||||||
CVE-2023-35329 | No | No | - | - | Important | 6.5 | 5.7 |
Windows CDP User Components Information Disclosure Vulnerability | |||||||
CVE-2023-35326 | No | No | - | - | Important | 5.5 | 4.8 |
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-35340 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Clip Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-35362 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-33155 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-35299 | No | No | - | - | Important | 7.8 | 6.8 |
Windows CryptoAPI Denial of Service Vulnerability | |||||||
CVE-2023-35339 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Cryptographic Information Disclosure Vulnerability | |||||||
CVE-2023-33174 | No | No | - | - | Important | 5.5 | 4.8 |
Windows DNS Server Remote Code Execution Vulnerability | |||||||
CVE-2023-35344 | No | No | - | - | Important | 6.6 | 5.8 |
CVE-2023-35345 | No | No | - | - | Important | 6.6 | 5.8 |
CVE-2023-35346 | No | No | - | - | Important | 6.6 | 5.8 |
CVE-2023-35310 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
Windows Deployment Services Denial of Service Vulnerability | |||||||
CVE-2023-35321 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Deployment Services Remote Code Execution Vulnerability | |||||||
CVE-2023-35322 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Error Reporting Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-36874 | No | Yes | - | - | Important | 7.8 | 6.8 |
Windows Extended Negotiation Denial of Service Vulnerability | |||||||
CVE-2023-35330 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Geolocation Service Remote Code Execution Vulnerability | |||||||
CVE-2023-35343 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Image Acquisition Elevation of Privilege Vulnerability | |||||||
CVE-2023-35342 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2023-32050 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-32053 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2023-35356 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35357 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35358 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35360 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-35361 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-35363 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35364 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-35304 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-35305 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | |||||||
CVE-2023-32037 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-35315 | No | No | - | - | Critical | 8.8 | 7.7 |
Windows Local Security Authority (LSA) Denial of Service Vulnerability | |||||||
CVE-2023-35331 | No | No | - | - | Important | 6.5 | 5.7 |
Windows MSHTML Platform Elevation of Privilege Vulnerability | |||||||
CVE-2023-32046 | No | Yes | - | - | Important | 7.8 | 6.8 |
Windows MSHTML Platform Security Feature Bypass Vulnerability | |||||||
CVE-2023-35336 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-35308 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Netlogon Information Disclosure Vulnerability | |||||||
CVE-2023-21526 | No | No | - | - | Important | 7.4 | 6.4 |
Windows Network Load Balancing Remote Code Execution Vulnerability | |||||||
CVE-2023-33163 | No | No | - | - | Important | 7.5 | 6.5 |
Windows OLE Remote Code Execution Vulnerability | |||||||
CVE-2023-35323 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | |||||||
CVE-2023-35313 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-33154 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Peer Name Resolution Protocol Denial of Service Vulnerability | |||||||
CVE-2023-35338 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||||||
CVE-2023-35297 | No | No | - | - | Critical | 7.5 | 6.5 |
Windows Print Spooler Information Disclosure Vulnerability | |||||||
CVE-2023-35325 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Remote Desktop Protocol Security Feature Bypass | |||||||
CVE-2023-35332 | No | No | - | - | Important | 6.8 | 5.9 |
Windows Remote Desktop Security Feature Bypass Vulnerability | |||||||
CVE-2023-32043 | No | No | - | - | Important | 6.8 | 5.9 |
CVE-2023-35352 | No | No | - | - | Critical | 7.5 | 6.5 |
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||||
CVE-2023-35365 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-35366 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-35367 | No | No | - | - | Critical | 9.8 | 8.5 |
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | |||||||
CVE-2023-35317 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-32056 | No | No | - | - | Important | 7.8 | 6.8 |
Windows SmartScreen Security Feature Bypass Vulnerability | |||||||
CVE-2023-32049 | No | Yes | - | - | Important | 8.8 | 8.2 |
Windows Transaction Manager Elevation of Privilege Vulnerability | |||||||
CVE-2023-35328 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Update Orchestrator Service Information Disclosure Vulnerability | |||||||
CVE-2023-32041 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2023-21756 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
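
One way to turn the table above into a patch queue, as an added example that is not part of the original post: it parses the table's layout (a description row followed by its CVE or advisory rows) and orders entries so exploited items come first. The sort order, the function names and the `Moderate`/`Low` ranks are assumptions of this example, and the sample rows are a constructed excerpt of the table.

```python
import re

# Constructed sample: a few rows copied from the table above, in its layout
# (a description row, then one row per CVE or advisory under it).
SAMPLE = """\
Guidance on Microsoft Signed Drivers Being Used Maliciously | |||||||
ADV230001 | No | Yes | - | - | None | ||
Microsoft Message Queuing Remote Code Execution Vulnerability | |||||||
CVE-2023-32057 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-35309 | No | No | - | - | Important | 7.5 | 6.5 |
Office and Windows HTML Remote Code Execution Vulnerability | |||||||
CVE-2023-36884 | Yes | Yes | - | - | Important | 8.3 | 8.1 |
Windows SmartScreen Security Feature Bypass Vulnerability | |||||||
CVE-2023-32049 | No | Yes | - | - | Important | 8.8 | 8.2 |
"""

ID_RE = re.compile(r"^(CVE-\d{4}-\d{4,}|ADV\d+)$")
# Assumed ranking for this example; unknown ratings sort after all of these.
SEVERITY_RANK = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3, "None": 4}

def parse_rows(text):
    """Return one dict per CVE/advisory row, tagged with its description row."""
    entries, description = [], None
    for line in text.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if not cells[0]:
            continue                      # blank line
        if not ID_RE.match(cells[0]):
            description = cells[0]        # heading row for the rows that follow
            continue
        cells += [""] * (8 - len(cells))  # tolerate rows with trailing cells cut
        entries.append({
            "id": cells[0], "description": description,
            "disclosed": cells[1] == "Yes", "exploited": cells[2] == "Yes",
            "severity": cells[5],
            # Advisory rows carry no CVSS score; keep that as None, not 0.
            "cvss_base": float(cells[6]) if cells[6] else None,
        })
    return entries

def triage(entries):
    """Exploited first, then by severity rating, then by CVSS base (high first)."""
    def key(e):
        return (not e["exploited"],
                SEVERITY_RANK.get(e["severity"], len(SEVERITY_RANK)),
                -(e["cvss_base"] or 0.0))  # unscored rows sort last in their group
    return sorted(entries, key=key)

if __name__ == "__main__":
    for e in triage(parse_rows(SAMPLE)):
        print(e["id"], e["severity"], e["cvss_base"], e["description"], sep=" | ")
```

Sorting on the Exploited column before severity keeps an unscored advisory such as ADV230001 ahead of an unexploited Critical entry, which a CVSS-only sort would not do.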