October 2, 2023

Microsoft patched 70 CVEs in its June Patch Tuesday release, with six rated as critical, 62 rated as important, 1 rated as moderate and 1 rated as low.

This month’s update includes patches for:

  • .NET Core
  • 3D Builder
  • Azure Service Fabric Container
  • Microsoft Bluetooth Driver
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Message Queuing
  • Microsoft Office
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft WDAC OLE DB provider for SQL
  • Visual Studio Code
  • Windows ALPC
  • Windows Ancillary Function Driver for WinSock
  • Windows Authentication Methods
  • Windows Backup Engine
  • Windows Bind Filter Driver
  • Windows BitLocker
  • Windows Boot Manager
  • Windows Credential Manager
  • Windows Cryptographic Services
  • Windows DWM Core Library
  • Windows Error Reporting
  • Windows Event Tracing
  • Windows IKE Extension
  • Windows Installer
  • Windows Internet Key Exchange (IKE) Protocol
  • Windows iSCSI
  • Windows Kernel
  • Windows Layer 2 Tunneling Protocol
  • Windows LDAP – Lightweight Directory Access Protocol
  • Windows Local Security Authority (LSA)
  • Windows Local Session Manager (LSM)
  • Windows Malicious Software Removal Tool
  • Windows Management Instrumentation
  • Windows MSCryptDImportKey
  • Windows NTLM
  • Windows ODBC Driver
  • Windows Overlay Filter
  • Windows Point-to-Point Tunneling Protocol
  • Windows Print Spooler Components
  • Windows Remote Access Service L2TP Driver
  • Windows RPC API
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows Smart Card
  • Windows Task Scheduler
  • Windows Virtual Registry Provider
  • Windows Workstation Service

Microsoft SharePoint Server EoP Vulnerability

CVE-2023-29357 is an EoP vulnerability in Microsoft SharePoint Server 2019 with a CVSSv3 score of 9.8 and rated critical. A remote, unauthenticated attacker can exploit the vulnerability by sending a spoofed JWT authentication token to a vulnerable server, giving them the privileges of an authenticated user on the target.

No user interaction is required for an attacker to exploit this flaw. Microsoft's mitigation guidance for the vulnerability says that customers who use Microsoft Defender in their SharePoint Server farm(s) and have AMSI enabled are not affected. CVE-2023-29357 was given a rating of Exploitation More Likely.

Windows Pragmatic General Multicast (PGM) RCE Vulnerability

CVE-2023-29363, CVE-2023-32014 and CVE-2023-32015 are RCEs in Windows operating systems that were each given a CVSSv3 score of 9.8 and rated critical. The vulnerabilities lie in the operating systems’ implementation of Pragmatic General Multicast (PGM), an experimental multicast protocol, in the Windows message queueing service component.

A remote, unauthenticated attacker could exploit these flaws by sending a malicious file to a vulnerable target. Microsoft’s mitigation guidance states that for a system to be vulnerable, it must have message queueing services enabled. As successful exploitation of these vulnerabilities requires that the Windows message queueing service is enabled,

Microsoft Exchange Server RCE Vulnerability

CVE-2023-28310 and CVE-2023-32031 are RCEs in several versions of Microsoft Exchange Server that are both rated as important, with CVSSv3 scores of 8.0 and 8.8, respectively.

CVE-2023-28310 can be exploited by an authenticated attacker on the local network to execute commands on the target through a remote PowerShell session. CVE-2023-32031 allows a remote, authenticated attacker to target server accounts using network calls to trigger arbitrary code execution. Both CVE-2023-32031 and CVE-2023-28310 were given a rating of “Exploitation More Likely” and affect Microsoft Exchange Server 2016 Cumulative Update 23 and 2019 Cumulative Updates 12 and 13.

Remote Desktop Client RCE Vulnerability

CVE-2023-29362 is an RCE in Windows operating systems with a CVSSv3 score of 8.8 and rated as important. The flaw lies in the Remote Desktop Client component of Windows operating systems and the Remote Desktop Client for Windows Desktop application. The vulnerability can be exploited by a remote, unauthenticated attacker with control over a Remote Desktop Server when a user connects to the attacker-controlled server using the vulnerable client.

Windows 10 21H2 End of Life

Microsoft announced that Windows 10 21H2 has reached its end of life for Home, Pro, Pro Education, and Pro for Workstations editions. This means that users of these versions of Windows 10 21H2 will no longer receive security updates and should upgrade as soon as possible.

Detailed report

| CVE ID | Title | Criticality |
|---|---|---|
| CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Critical |
| CVE-2023-29357 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Critical |
| CVE-2023-32013 | Windows Hyper-V Denial of Service Vulnerability | Critical |
| CVE-2023-29363 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| CVE-2023-32014 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| CVE-2023-32015 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| CVE-2023-24895 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Important |
| CVE-2023-33126 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| CVE-2023-33135 | .NET and Visual Studio Elevation of Privilege Vulnerability | Important |
| CVE-2023-32032 | .NET and Visual Studio Elevation of Privilege Vulnerability | Important |
| CVE-2023-32030 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| CVE-2023-33128 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| CVE-2023-29331 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | Important |
| CVE-2023-29326 | .NET Framework Remote Code Execution Vulnerability | Important |
| CVE-2023-33141 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | Important |
| CVE-2023-21569 | Azure DevOps Server Spoofing Vulnerability | Important |
| CVE-2023-21565 | Azure DevOps Server Spoofing Vulnerability | Important |
| CVE-2023-24896 | Dynamics 365 Finance Spoofing Vulnerability | Important |
| CVE-2023-33145 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Important |
| CVE-2023-32031 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| CVE-2023-28310 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| CVE-2023-33146 | Microsoft Office Remote Code Execution Vulnerability | Important |
| CVE-2023-33133 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2023-32029 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2023-33137 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2023-33140 | Microsoft OneNote Spoofing Vulnerability | Important |
| CVE-2023-33131 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| CVE-2023-33142 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Important |
| CVE-2023-33129 | Microsoft SharePoint Denial of Service Vulnerability | Important |
| CVE-2023-33130 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| CVE-2023-33132 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| CVE-2023-32024 | Microsoft Power Apps Spoofing Vulnerability | Important |
| CVE-2023-32017 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Important |
| CVE-2023-29372 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| CVE-2023-29370 | Windows Media Remote Code Execution Vulnerability | Important |
| CVE-2023-29365 | Windows Media Remote Code Execution Vulnerability | Important |
| CVE-2023-29337 | NuGet Client Remote Code Execution Vulnerability | Important |
| CVE-2023-29362 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| CVE-2023-29352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Important |
| CVE-2023-32020 | Windows DNS Spoofing Vulnerability | Important |
| CVE-2023-29007 | GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit` | Important |
| CVE-2023-33139 | Visual Studio Information Disclosure Vulnerability | Important |
| CVE-2023-25652 | GitHub: CVE-2023-25652 “git apply --reject” partially-controlled arbitrary file write | Important |
| CVE-2023-25815 | GitHub: CVE-2023-25815 Git looks for localized messages in an unprivileged place | Important |
| CVE-2023-27911 | AutoDesk: CVE-2023-27911 Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior | Important |
| CVE-2023-27910 | AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior | Important |
| CVE-2023-29011 | GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing | Important |
| CVE-2023-29012 | GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it exists | Important |
| CVE-2023-27909 | AutoDesk: CVE-2023-27909 Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior | Important |
| CVE-2023-33144 | Visual Studio Code Spoofing Vulnerability | Important |
| CVE-2023-29364 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| CVE-2023-32010 | Windows Bus Filter Driver Elevation of Privilege Vulnerability | Important |
| CVE-2023-29361 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| CVE-2023-32009 | Windows Collaborative Translation Framework Elevation of Privilege Vulnerability | Important |
| CVE-2023-32012 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important |
| CVE-2023-24937 | Windows CryptoAPI Denial of Service Vulnerability | Important |
| CVE-2023-24938 | Windows CryptoAPI Denial of Service Vulnerability | Important |
| CVE-2023-29355 | DHCP Server Service Information Disclosure Vulnerability | Important |
| CVE-2023-29368 | Windows Filtering Platform Elevation of Privilege Vulnerability | Important |
| CVE-2023-29358 | Windows GDI Elevation of Privilege Vulnerability | Important |
| CVE-2023-29366 | Windows Geolocation Service Remote Code Execution Vulnerability | Important |
| CVE-2023-29351 | Windows Group Policy Elevation of Privilege Vulnerability | Important |
| CVE-2023-32018 | Windows Hello Remote Code Execution Vulnerability | Important |
| CVE-2023-32016 | Windows Installer Information Disclosure Vulnerability | Important |
| CVE-2023-32011 | Windows iSCSI Discovery Service Denial of Service Vulnerability | Important |
| CVE-2023-32019 | Windows Kernel Information Disclosure Vulnerability | Important |
| CVE-2023-29346 | NTFS Elevation of Privilege Vulnerability | Important |
| CVE-2023-29373 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| CVE-2023-29367 | iSCSI Target WMI Provider Remote Code Execution Vulnerability | Important |
| CVE-2023-29369 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important |
| CVE-2023-32008 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Important |
| CVE-2023-32022 | Windows Server Service Security Feature Bypass Vulnerability | Important |
| CVE-2023-32021 | Windows SMB Witness Service Security Feature Bypass Vulnerability | Important |
| CVE-2023-29360 | Windows TPM Device Driver Elevation of Privilege Vulnerability | Important |
| CVE-2023-29371 | Windows GDI Elevation of Privilege Vulnerability | Important |
| CVE-2023-29359 | GDI Elevation of Privilege Vulnerability | Important |
| CVE-2023-29345 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Low |
| CVE-2023-29353 | Sysinternals Process Monitor for Windows Denial of Service Vulnerability | Low |
| CVE-2023-24936 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Moderate |
| CVE-2023-33143 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
| CVE-2023-2941 | Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API | Unknown |
| CVE-2023-2937 | Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture | Unknown |
| CVE-2023-2936 | Chromium: CVE-2023-2936 Type Confusion in V8 | Unknown |
| CVE-2023-2935 | Chromium: CVE-2023-2935 Type Confusion in V8 | Unknown |
| CVE-2023-2940 | Chromium: CVE-2023-2940 Inappropriate implementation in Downloads | Unknown |
| CVE-2023-2939 | Chromium: CVE-2023-2939 Insufficient data validation in Installer | Unknown |
| CVE-2023-2938 | Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture | Unknown |
| CVE-2023-2931 | Chromium: CVE-2023-2931 Use after free in PDF | Unknown |
| CVE-2023-2930 | Chromium: CVE-2023-2930 Use after free in Extensions | Unknown |
| CVE-2023-2929 | Chromium: CVE-2023-2929 Out of bounds write in Swiftshader | Unknown |
| CVE-2023-2934 | Chromium: CVE-2023-2934 Out of bounds memory access in Mojo | Unknown |
| CVE-2023-2933 | Chromium: CVE-2023-2933 Use after free in PDF | Unknown |
| CVE-2023-2932 | Chromium: CVE-2023-2932 Use after free in PDF | Unknown |
| CVE-2023-3079 | Chromium: CVE-2023-3079 Type Confusion in V8 | Unknown |
