In its second Patch Tuesday of the year, Microsoft has released patches for a total of 78 vulnerabilities, including three zero-day vulnerabilities that are currently being exploited, and 66 important vulnerabilities. In addition, there are nine vulnerabilities classified as “Critical” that enable Remote Code Execution (RCE) on vulnerable machines.
Following is a list of how many bugs are found in each of the vulnerability categories:-
- Remote Code Execution Vulnerabilities: 38
- Elevation of Privilege Vulnerabilities: 12
- Denial of Service Vulnerabilities: 10
- Information Disclosure Vulnerabilities: 8
- Spoofing Vulnerabilities: 8
- Security Feature Bypass Vulnerabilities: 2
Three vulnerabilities were fixed earlier this month in Microsoft Edge, which is not included in this count.
Critical Flaws Patched
Here below we have mentioned all the flaws that are marked as “Critical”:-
- CVE-2023-21808: .NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2023-21716: Microsoft Word Remote Code Execution Vulnerability
- CVE-2023-21718: Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
- CVE-2023-21815: Visual Studio Remote Code Execution Vulnerability
- CVE-2023-23381: Visual Studio Remote Code Execution Vulnerability
- CVE-2023-21803: Windows iSCSI Discovery Service Remote Code Execution Vulnerability
- CVE-2023-21692: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21690: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21689: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
Zero-days Patched
It is important to point out that Patch Tuesday for this month resolves three zero-day vulnerabilities that are actively exploited. If an issue is publicly disclosed with no official fix available, or if it is actively exploited, Microsoft classifies it as a zero-day.
In this security update, three actively exploited zero-day vulnerabilities have been fixed, and they are as follows:-
- CVE-2023-21823: Windows Graphics Component Remote Code Execution Vulnerability (Discovered by Dhanesh Kizhakkinan, Genwei Jiang, and Dhanesh Kizhakkinan of Mandiant)
- CVE-2023-21715: Microsoft Publisher Security Features Bypass Vulnerability (Discovered by Hidetake Jo of Microsoft)
- CVE-2023-23376: Windows Common Log File System Driver Elevation of Privilege Vulnerability (Discovered by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center)
There have been several vulnerabilities that have crippled Microsoft Exchange Servers around the world over the past few years, including:-
- ProxyLogon
- ProxyShell
- ProxyNotShell
- OWASSRF
- TabShell
State-sponsored cyber criminals in the following countries have found these flaws to be valuable assets in their arsenal of attacks:-
- Iran
- Russia
- China
It is strongly recommended that organizations that rely on Microsoft Exchange Server apply the latest cumulative updates to that server immediately to prevent future exploitation.
Go to Source
Author: Guru