Since our last Patch Tuesday newsletter in September, Microsoft has released updates for 122 vulnerabilities, with 104 of those being released today. This month we have three zero days (public/exploited) and another vulnerability being exploited although not publicly disclosed. CVE-2023-41763 fixes a Skype for Business exploit and CVE-2023-36563 fixes a WordPad exploit. CVE-2023-44487 will be more widespread as it exploits HTTP/2 streams, but do note that it's not publicly disclosed. Microsoft does recommend a few workarounds, such as disabling the HTTP/2 protocol on your web servers and/or limiting your web app to HTTP/1.1 only. For .NET and Kestrel servers without HTTP/2 enabled there is nothing to do, as these are not affected.

There is also CVE-2023-5217, released by Google, that affects Chromium-based Microsoft Edge.

As you know, I am connected to LOGbinder software, which includes Supercharger for Windows Event Collection. We have been closely tracking a Microsoft bug related to security log forwarding and Windows 11. Microsoft released an update, KB5030310, which addresses a few issues with Windows Event Collection. So if you are using WEC/WEF and have Windows 11 endpoints forwarding events, you will want to test and deploy this update. A few of our customers discovered the issue when they saw that the number of security log events began to decrease over the past few months. You can reach out to us at LOGbinder if you have any questions. If you have experienced this issue with WEC, or if you've already applied the fix and it helped you, please let my LOGbinder team know.
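One way to catch the symptom described above, a gradual drop in forwarded Security events from an endpoint, is to compare each forwarder's recent daily volume with its own earlier baseline. This is an added example, not LOGbinder or Supercharger code; the function name, thresholds, host names and counts are constructed for illustration.

```python
from collections import defaultdict
from datetime import date, timedelta
from statistics import median


def flag_declining(rows, window=7, ratio=0.5):
    """rows: iterable of (day, host, count) as seen on the collector.
    Returns {host: (baseline_median, recent_median)} for hosts whose
    recent volume fell below ratio * their own baseline."""
    per_host = defaultdict(dict)
    for day, host, count in rows:
        per_host[host][day] = per_host[host].get(day, 0) + count
    if not per_host:
        return {}
    last = max(d for days in per_host.values() for d in days)
    flagged = {}
    for host, days in per_host.items():
        start = min(days)  # measure from the host's own first day
        span = (last - start).days + 1
        if span < 2 * window:
            continue  # too little history to compare two windows
        # A forwarder that goes quiet produces no rows at all, so a
        # missing day must be counted as zero, not skipped.
        series = [days.get(start + timedelta(n), 0) for n in range(span)]
        baseline = median(series[:window])
        recent = median(series[-window:])
        if baseline > 0 and recent < ratio * baseline:
            flagged[host] = (baseline, recent)
    return flagged


def sample_rows():
    """Constructed data: 21 days for three hypothetical forwarders."""
    d0 = date(2023, 9, 1)
    counts = {
        "WIN11-A": [1000] * 7 + [700] * 7 + [300] * 7,  # gradual decline
        "WIN11-B": [800] * 10,                          # silent after day 10
        "WIN10-C": [900, 950, 1000] * 7,                # steady
    }
    return [(d0 + timedelta(i), host, c)
            for host, cs in counts.items() for i, c in enumerate(cs)]


if __name__ == "__main__":
    for host, (base, recent) in sorted(flag_declining(sample_rows()).items()):
        print(f"{host}: baseline {base}/day, recent {recent}/day")
```

Comparing medians against each host's own history keeps one noisy day from triggering a flag, and the zero-fill is what exposes a forwarder that has stopped sending entirely.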
Patch data provided by:

Windows
Products Affected: Windows 10, 11; Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations
Severity: Critical
Reference: CVE-2023-29348 CVE-2023-35349 CVE-2023-36431 CVE-2023-36434 CVE-2023-36435 CVE-2023-36436 CVE-2023-36438 CVE-2023-36557 CVE-2023-36563* CVE-2023-36564 CVE-2023-36567 CVE-2023-36570 CVE-2023-36571 CVE-2023-36572 CVE-2023-36573 CVE-2023-36574 CVE-2023-36575 CVE-2023-36576 CVE-2023-36577 CVE-2023-36578 CVE-2023-36579 CVE-2023-36581 CVE-2023-36582 CVE-2023-36583 CVE-2023-36584 CVE-2023-36585 CVE-2023-36589 CVE-2023-36590 CVE-2023-36591 CVE-2023-36592 CVE-2023-36593 CVE-2023-36594 CVE-2023-36596 CVE-2023-36598 CVE-2023-36602 CVE-2023-36603 CVE-2023-36605 CVE-2023-36606 CVE-2023-36697 CVE-2023-36698 CVE-2023-36701 CVE-2023-36702 CVE-2023-36703 CVE-2023-36704 CVE-2023-36706 CVE-2023-36707 CVE-2023-36709 CVE-2023-36710 CVE-2023-36711 CVE-2023-36712 CVE-2023-36713 CVE-2023-36717 CVE-2023-36718 CVE-2023-36720 CVE-2023-36721 CVE-2023-36722 CVE-2023-36723 CVE-2023-36724 CVE-2023-36725 CVE-2023-36726 CVE-2023-36729 CVE-2023-36731 CVE-2023-36732 CVE-2023-36743 CVE-2023-36776 CVE-2023-36790 CVE-2023-36902 CVE-2023-38159 CVE-2023-38166 CVE-2023-38171 CVE-2023-41765 CVE-2023-41766 CVE-2023-41767 CVE-2023-41768 CVE-2023-41769 CVE-2023-41770 CVE-2023-41771 CVE-2023-41772 CVE-2023-41773 CVE-2023-41774 CVE-2023-44487*
Vulnerability Info: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass

Edge
Products Affected: Chromium-based
Severity: Important
Reference: CVE-2023-1999 CVE-2023-36562 CVE-2023-36727 CVE-2023-36735 CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 CVE-2023-5186 CVE-2023-5187 CVE-2023-5217* CVE-2023-5346
Workaround: No; Exploited: Yes*; Public: Yes
Vulnerability Info: Elevation of Privilege, Spoofing

Office
Products Affected: 365 Apps for Enterprise; 2019, LTSC 2021; 2019 for Mac, LTSC for Mac 2021; Skype for Business Server 2015 CU13, 2019 CU7; for Android and Universal
Reference: CVE-2023-36565 CVE-2023-36568 CVE-2023-36569 CVE-2023-36780 CVE-2023-36786 CVE-2023-36789 CVE-2023-41763*
Vulnerability Info: Elevation of Privilege, Remote Code Execution

SQL Server
Products Affected: ODBC Driver 17 and 18 on Linux, macOS and Windows; OLE DB Driver 18 and 19; 2014 SP3 CU4/GDR; 2106 SP3 GDR and Azure Connect Feature Pack; 2017 CU31/GDR; 2019 CU22/GDR; 2022 CU8/GDR
Reference: CVE-2023-36417 CVE-2023-36420 CVE-2023-36728 CVE-2023-36730 CVE-2023-36785
Workaround: No; Exploited: No; Public: No
Vulnerability Info: Denial of Service, Remote Code Execution

.NET
Products Affected: 6 and 7; ASP.NET Core 6 and 7
Reference: CVE-2023-36435 CVE-2023-38171 CVE-2023-44487*

Visual Studio
Products Affected: 2022 17.7 and earlier

Dynamics 365
Products Affected: On-Premises 9.0 & 9.1; Common Data Model SDK for C#, Python, TypeScript and Java
Reference: CVE-2023-36416 CVE-2023-36429 CVE-2023-36433 CVE-2023-36566
Vulnerability Info: Denial of Service, Information Disclosure, Spoofing

Exchange
Products Affected: Server 2016 CU23; Server 2019 CU12 & CU13
Reference: CVE-2023-36778
Vulnerability Info: Remote Code Execution

Azure
Products Affected: DevOps Server 2020.0.2, 2020.1.2; Identity SDK for .NET, Python and Java; RTOS GUIX Studio and Installer; HDInsight; Network Watcher VM Extension
Reference: CVE-2023-36414 CVE-2023-36415 CVE-2023-36418 CVE-2023-36419 CVE-2023-36561 CVE-2023-36737

System Center
Products Affected: MS Defender Security Intelligence Updates
Reference: CVE-2023-38163
Vulnerability Info: Security Feature Bypass

Apps
Products Affected: 3D Viewer; 3D Builder
Reference: CVE-2022-41303 CVE-2023-36739 CVE-2023-36740 CVE-2023-36760 CVE-2023-36770 CVE-2023-36771 CVE-2023-36772 CVE-2023-36773