Microsoft Patches multiple remote execution flaws, five critical bugs
Take action: Time for the regular update of your Microsoft products. Interestingly, this month the critical and priority issues are in Visual Studio and Microsoft Word - only one in Windows. But the rule of "apply patches and go for a walk" still works perfectly well.
Microsoft's Patch Tuesday for September 2023 addresses a total of 59 vulnerabilities, covering a diverse range of issues that could compromise system integrity and data security. Among these, two zero-day vulnerabilities have garnered significant attention, as they were actively exploited before fixes were released.
Of the 59 vulnerabilities, 24 are Remote Code Execution (RCE) flaws - a critical category that can allow attackers to take control of a system remotely. Among these RCE vulnerabilities, Microsoft has classified four as 'Critical,' indicating their severity and potential for widespread damage. Additionally, there is a 'Critical' elevation of privilege vulnerability in Azure Kubernetes Service.
The most critical aspects of this Patch Tuesday release are the two actively exploited zero-day vulnerabilities:
- CVE-2023-36802 - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability: This local privilege elevation flaw allowed attackers to gain SYSTEM privileges.
- CVE-2023-36761 - Microsoft Word Information Disclosure Vulnerability: This vulnerability was actively exploited and could be used to steal NTLM hashes when a document is opened, including in the preview pane. The stolen hashes could then be used in NTLM relay attacks to gain unauthorized access to user accounts.
Critical vulnerabilities patched in this release are:
- CVE-2023-36796 - Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36792 - Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36793 - Visual Studio Remote Code Execution Vulnerability
- CVE-2023-29332 - Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
- CVE-2023-38148 - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
The distribution of vulnerabilities across different categories is as follows:
- 3 Security Feature Bypass Vulnerabilities
- 24 Remote Code Execution Vulnerabilities
- 9 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 5 Spoofing Vulnerabilities
- 5 Edge - Chromium Vulnerabilities
The total count of 59 flaws excludes five vulnerabilities affecting Microsoft Edge (Chromium) as well as two non-Microsoft flaws associated with Electron and Autodesk.