As we speak is Microsoft’s November 2023 Patch Tuesday, which incorporates safety updates for a complete of 58 flaws and 5 zero-day vulnerabilities.
Whereas fourteen distant code execution (RCE) bugs had been mounted, Microsoft solely rated one as essential. The three essential flaws mounted at present are anĀ Azure data disclosure bug, an RCE in Home windows Web Connection Sharing (ICS), and a Hyper-V escape flaw that permits the executions of applications on the host with SYSTEM privileges.
The variety of bugs in every vulnerability class is listed under:
- 26 Elevation of Privilege Vulnerabilities
- 3 Safety Characteristic Bypass Vulnerabilities
- 45 Distant Code Execution Vulnerabilities
- 12 Data Disclosure Vulnerabilities
- 17 Denial of Service Vulnerabilities
- 1 Spoofing Vulnerabilities
The entire depend of 58 flaws doesn’t embrace 5 Mariner safety updates and 20 Microsoft Edge safety updates launched earlier this month.
To study extra in regards to the non-security updates launched at present, you possibly can overview our devoted articles on the brand newĀ Home windows 11 KB5032190 cumulative replaceĀ andĀ Home windows 10 KB5032189 cumulative replace.
5 zero-days mounted
This month’s Patch Tuesday fixes 5 zero-day vulnerabilities, with three exploited in assaults and three publicly disclosed.
Microsoft classifies a vulnerability as a zero-day whether it is publicly disclosed or actively exploited with no official repair out there.
The three actively exploited zero-day vulnerabilities in at present’s updates are:
CVE-2023-36036 – Home windows Cloud Recordsdata Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft has mounted an actively exploited Home windows Cloud Recordsdata Mini Filter Elevation of Privileges bug.
“An attacker who efficiently exploited this vulnerability might acquire SYSTEM privileges,” explains Microsoft.
It isn’t recognized how the flaw was abused in assaults or by what menace actor.
The flaw was found internally by the Microsoft Menace Intelligence Microsoft Safety Response Heart.
CVE-2023-36033 – Home windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft has mounted an actively exploited and publicly disclosedĀ Home windows DWM Core Library vulnerability that can be utilized to raise privileges to SYSTEM.
“An attacker who efficiently exploited this vulnerability might acquire SYSTEM privileges,” explains Microsoft.
Microsoft says that the flaw was found byĀ Quan Jin(@jq0904)Ā withĀ DBAPPSecurity WeBin LabĀ however didn’t share particulars on how they had been utilized in assaults.
CVE-2023-36025 –Ā Home windows SmartScreen Safety Characteristic Bypass Vulnerability
Microsoft has mounted an actively exploited Home windows SmartScreen flaw that permits a malicious Web Shortcut to bypass safety checks and warnings.
“The attacker would have the ability to bypass Home windows Defender SmartScreen checks and their related prompts,” explains Microsoft.
“The person must click on on a specifically crafted Web Shortcut (.URL) or a hyperlink pointing to an Web Shortcut file to be compromised by the attacker,” continues Microsoft.
Microsoft says that the flawĀ wasĀ found by Will Metcalf (Splunk), Microsoft Menace Intelligence, and the Microsoft Workplace Product Group Safety Crew.
BleepingComputer contacted Splunk in regards to the flaw to study the way it was exploited.
As well as, Microsoft says that two different publicly disclosed zero-day bugs, ‘CVE-2023-36413 –Ā Microsoft Workplace Safety Characteristic Bypass Vulnerability’Ā and the ‘CVE-2023-36038 — ASP.NET Core Denial of Service Vulnerability,’ had been additionally mounted as a part of at present’s Patch Tuesday.
Nevertheless, Microsoft says that they weren’t actively exploited in assaults.
Latest updates from different corporations
Different distributors who launched updates or advisories in November 2023 embrace:
The November 2023Ā Patch Tuesday Safety Updates
Beneath is the entire listing of resolved vulnerabilities within the November 2023 Patch Tuesday updates.
To entry the complete description of every vulnerability and the techniquesĀ it impacts, you possibly can view the full report right here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Framework | CVE-2023-36049 | .NET, .NET Framework, and Visible Studio Elevation of Privilege Vulnerability | Essential |
| ASP.NET | CVE-2023-36560 | ASP.NET Safety Characteristic Bypass Vulnerability | Essential |
| ASP.NET | CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | Essential |
| ASP.NET | CVE-2023-36558 | ASP.NET Core – Safety Characteristic Bypass Vulnerability | Essential |
| Azure | CVE-2023-36052 | Azure CLI REST Command Data Disclosure Vulnerability | Crucial |
| Azure | CVE-2023-38151 | Microsoft Host Integration Server 2020 Distant Code Execution Vulnerability | Essential |
| Azure | CVE-2023-36021 | Microsoft On-Prem Information Gateway Safety Characteristic Bypass Vulnerability | Essential |
| Azure DevOps | CVE-2023-36437 | Azure DevOps Server Distant Code Execution Vulnerability | Essential |
| Mariner | CVE-2020-1747 | Unknown | Unknown |
| Mariner | CVE-2023-46316 | Unknown | Unknown |
| Mariner | CVE-2023-46753 | Unknown | Unknown |
| Mariner | CVE-2020-8554 | Unknown | Unknown |
| Mariner | CVE-2020-14343 | Unknown | Unknown |
| Microsoft Bluetooth Driver | CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability | Essential |
| Microsoft Dynamics | CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Essential |
| Microsoft Dynamics | CVE-2023-36007 | Microsoft Ship Buyer Voice survey from Dynamics 365 Spoofing Vulnerability | Essential |
| Microsoft Dynamics | CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Essential |
| Microsoft Dynamics | CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Essential |
| Microsoft Dynamics 365 Gross sales | CVE-2023-36030 | Microsoft Dynamics 365 Gross sales Spoofing Vulnerability | Essential |
| Microsoft Edge (Chromium-based) | CVE-2023-36014 | Microsoft Edge (Chromium-based) Distant Code Execution Vulnerability | Reasonable |
| Microsoft Edge (Chromium-based) | CVE-2023-5996 | Chromium: CVE-2023-5996 Use after free in WebAudio | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36022 | Microsoft Edge (Chromium-based) Distant Code Execution Vulnerability | Reasonable |
| Microsoft Edge (Chromium-based) | CVE-2023-36027 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Essential |
| Microsoft Edge (Chromium-based) | CVE-2023-36029 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Reasonable |
| Microsoft Edge (Chromium-based) | CVE-2023-5480 | Chromium: CVE-2023-5480 Inappropriate implementation in Funds | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5856 | Chromium: CVE-2023-5856 Use after free in Facet Panel | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5855 | Chromium: CVE-2023-5855 Use after free in Studying Mode | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5854 | Chromium: CVE-2023-5854 Use after free in Profiles | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5859 | Chromium: CVE-2023-5859 Incorrect safety UI in Image In Image | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5858 | Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Supplier | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5857 | Chromium: CVE-2023-5857 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5850 | Chromium: CVE-2023-5850 Incorrect safety UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5849 | Chromium: CVE-2023-5849 Integer overflow in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5482 | Chromium: CVE-2023-5482 Inadequate information validation in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5853 | Chromium: CVE-2023-5853 Incorrect safety UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5852 | Chromium: CVE-2023-5852 Use after free in Printing | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5851 | Chromium: CVE-2023-5851 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Essential |
| Microsoft Edge (Chromium-based) | CVE-2023-36034 | Microsoft Edge (Chromium-based) Distant Code Execution Vulnerability | Reasonable |
| Microsoft Change Server | CVE-2023-36439 | Microsoft Change Server Distant Code Execution Vulnerability | Essential |
| Microsoft Change Server | CVE-2023-36050 | Microsoft Change Server Spoofing Vulnerability | Essential |
| Microsoft Change Server | CVE-2023-36039 | Microsoft Change Server Spoofing Vulnerability | Essential |
| Microsoft Change Server | CVE-2023-36035 | Microsoft Change Server Spoofing Vulnerability | Essential |
| Microsoft Workplace | CVE-2023-36413 | Microsoft Workplace Safety Characteristic Bypass Vulnerability | Essential |
| Microsoft Workplace | CVE-2023-36045 | Microsoft Workplace Graphics Distant Code Execution Vulnerability | Essential |
| Microsoft Workplace Excel | CVE-2023-36041 | Microsoft Excel Distant Code Execution Vulnerability | Essential |
| Microsoft Workplace Excel | CVE-2023-36037 | Microsoft Excel Safety Characteristic Bypass Vulnerability | Essential |
| Microsoft Workplace SharePoint | CVE-2023-38177 | Microsoft SharePoint Server Distant Code Execution Vulnerability | Essential |
| Microsoft Distant Registry Service | CVE-2023-36423 | Microsoft Distant Registry Service Distant Code Execution Vulnerability | Essential |
| Microsoft Distant Registry Service | CVE-2023-36401 | Microsoft Distant Registry Service Distant Code Execution Vulnerability | Essential |
| Microsoft WDAC OLE DB supplier for SQL | CVE-2023-36402 | Microsoft WDAC OLE DB supplier for SQL Server Distant Code Execution Vulnerability | Essential |
| Microsoft Home windows Search Element | CVE-2023-36394 | Home windows Search Service Elevation of Privilege Vulnerability | Essential |
| Microsoft Home windows Speech | CVE-2023-36719 | Microsoft Speech Software Programming Interface (SAPI) Elevation of Privilege Vulnerability | Essential |
| Open Administration Infrastructure | CVE-2023-36043 | Open Administration Infrastructure Data Disclosure Vulnerability | Essential |
| Pill Home windows Person Interface | CVE-2023-36393 | Home windows Person Interface Software Core Distant Code Execution Vulnerability | Essential |
| Visible Studio | CVE-2023-36042 | Visible Studio Denial of Service Vulnerability | Essential |
| Visible Studio Code | CVE-2023-36018 | Visible Studio Code Jupyter Extension Spoofing Vulnerability | Essential |
| Home windows Authentication Strategies | CVE-2023-36047 | Home windows Authentication Elevation of Privilege Vulnerability | Essential |
| Home windows Authentication Strategies | CVE-2023-36428 | Microsoft Native Safety Authority Subsystem Service Data Disclosure Vulnerability | Essential |
| Home windows Authentication Strategies | CVE-2023-36046 | Home windows Authentication Denial of Service Vulnerability | Essential |
| Home windows Cloud Recordsdata Mini Filter Driver | CVE-2023-36036 | Home windows Cloud Recordsdata Mini Filter Driver Elevation of Privilege Vulnerability | Essential |
| Home windows Widespread Log File System Driver | CVE-2023-36424 | Home windows Widespread Log File System Driver Elevation of Privilege Vulnerability | Essential |
| Home windows Compressed Folder | CVE-2023-36396 | Home windows Compressed Folder Distant Code Execution Vulnerability | Essential |
| Home windows Defender | CVE-2023-36422 | Microsoft Home windows Defender Elevation of Privilege Vulnerability | Essential |
| Home windows Deployment Companies | CVE-2023-36395 | Home windows Deployment Companies Denial of Service Vulnerability | Essential |
| Home windows DHCP Server | CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability | Essential |
| Home windows Distributed File System (DFS) | CVE-2023-36425 | Home windows Distributed File System (DFS) Distant Code Execution Vulnerability | Essential |
| Home windows DWM Core Library | CVE-2023-36033 | Home windows DWM Core Library Elevation of Privilege Vulnerability | Essential |
| Home windows HMAC Key Derivation | CVE-2023-36400 | Home windows HMAC Key Derivation Elevation of Privilege Vulnerability | Crucial |
| Home windows Hyper-V | CVE-2023-36427 | Home windows Hyper-V Elevation of Privilege Vulnerability | Essential |
| Home windows Hyper-V | CVE-2023-36407 | Home windows Hyper-V Elevation of Privilege Vulnerability | Essential |
| Home windows Hyper-V | CVE-2023-36406 | Home windows Hyper-V Data Disclosure Vulnerability | Essential |
| Home windows Hyper-V | CVE-2023-36408 | Home windows Hyper-V Elevation of Privilege Vulnerability | Essential |
| Home windows Installer | CVE-2023-36705 | Home windows Installer Elevation of Privilege Vulnerability | Essential |
| Home windows Web Connection Sharing (ICS) | CVE-2023-36397 | Home windows Pragmatic Common Multicast (PGM) Distant Code Execution Vulnerability | Crucial |
| Home windows Kernel | CVE-2023-36405 | Home windows Kernel Elevation of Privilege Vulnerability | Essential |
| Home windows Kernel | CVE-2023-36404 | Home windows Kernel Data Disclosure Vulnerability | Essential |
| Home windows Kernel | CVE-2023-36403 | Home windows Kernel Elevation of Privilege Vulnerability | Essential |
| Home windows NTFS | CVE-2023-36398 | Home windows NTFS Data Disclosure Vulnerability | Essential |
| Home windows Protected EAP (PEAP) | CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Distant Code Execution Vulnerability | Essential |
| Home windows Scripting | CVE-2023-36017 | Home windows Scripting Engine Reminiscence Corruption Vulnerability | Essential |
| Home windows SmartScreen | CVE-2023-36025 | Home windows SmartScreen Safety Characteristic Bypass Vulnerability | Essential |
| Home windows Storage | CVE-2023-36399 | Home windows Storage Elevation of Privilege Vulnerability | Essential |
