The Windows June 2023 Patch Tuesday: 4 critical vulnerabilities, end of updates for Windows 10 21H2
Take action: Yep, time for Windows patching again. As usual, test the patches on a small subset of systems before mass deployment. And please check the detailed instructions for the Kernel vulnerability CVE-2023-32019, whose fix is not enabled by default.
Microsoft has released the June 2023 security patches for the Windows operating system, Microsoft Office, and other company products. The updates are available through Windows Update. System administrators have the option to expedite the installation of these security updates.
One of the vulnerabilities addressed by Microsoft is CVE-2023-32019, a Kernel vulnerability that affects multiple versions of Windows, including Windows 10 versions 1607, 1809, 20H2, 21H2, and 22H2, Windows 11 versions 21H2 and 22H2, and Windows Server 2022. However, the fix for this vulnerability is not enabled by default: system administrators need to set a Registry key to enable it. More details are available here.
In the June 2023 security updates, Microsoft has released patches for a total of 73 Common Vulnerabilities and Exposures (CVEs) for Microsoft products and 22 CVEs for non-Microsoft products. These security updates cover all supported client and server versions of Windows.
Please note that Windows 10 version 21H2 has reached the end of servicing, and no further updates will be released for that version. Users are advised to update their devices to Windows 10 version 22H2, which continues to receive support.
The distribution of patched vulnerabilities across different Windows versions is as follows:
- Windows 10 version 21H2: 29 vulnerabilities, 4 critical, and 25 important
- Windows 10 version 22H2: 29 vulnerabilities, 4 critical, and 25 important
- Windows 11 version 21H2: 29 vulnerabilities, 4 critical, and 25 important
- Windows 11 version 22H2: 31 vulnerabilities, 4 critical, and 27 important
Windows Server products also have their specific vulnerabilities:
- Windows Server 2008 R2 (extended support only): 18 vulnerabilities, 3 critical, and 15 important
- Windows Server 2012 R2: 23 vulnerabilities, 3 critical, and 20 important
- Windows Server 2016: 28 vulnerabilities, 3 critical, and 25 important
- Windows Server 2019: 32 vulnerabilities, 4 critical, and 28 important
- Windows Server 2022: 34 vulnerabilities, 4 critical, and 30 important
Taking into account insights provided by security researchers from the Zero Day Initiative (ZDI) and other sources, the vulnerabilities that demand increased attention in the June 2023 Patch Tuesday release are:
- CVE-2023-32031 pertains to Microsoft Exchange Server and is a remote code execution (RCE) flaw. This class of bug is not new, as Microsoft has previously addressed numerous RCE bugs affecting Exchange Server. CVE-2023-32031 specifically bypasses the fixes implemented for CVE-2022-41082 and CVE-2023-21529, the latter of which is currently being actively exploited.
- CVE-2023-28310 is also a remote code execution flaw in Microsoft Exchange Server. Like its counterpart, it is rated important but is deemed more likely to be exploited. As with the previous vulnerability, exploitation requires the attacker to be authenticated with valid credentials.
- CVE-2023-29357 is a critical-rated vulnerability in Microsoft SharePoint Server that allows authentication to be bypassed through a flaw in the ValidateTokenIssuer method. While Microsoft suggests enabling the Antimalware Scan Interface (AMSI) feature as a mitigation, organizations are strongly advised to apply the provided update promptly. Exploitation involves sending a forged JWT authentication token to a vulnerable server, which grants the attacker the privileges of an authenticated user on the target system.
- CVE-2023-29363, CVE-2023-32014, and CVE-2023-32015 affect the Windows Pragmatic General Multicast (PGM) component. They allow remote, unauthenticated attackers to execute code on a system running the Message Queuing service in a PGM server environment. Notably, this marks the third consecutive month in which Microsoft has addressed a critical-rated vulnerability in this component.
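As an added example (not part of the original post or of Microsoft's guidance), the following PowerShell script performs a quick per-host exposure check for three items above: whether the machine is on the now-unserviced Windows 10 21H2, whether the Message Queuing service that the PGM vulnerabilities require is installed and running, and whether the registry override that enables the CVE-2023-32019 fix is set. The registry key path and value name are placeholders; take the real ones from Microsoft's guidance, since they differ per Windows version.

```powershell
# Added example (not from the original post): host exposure check for the
# June 2023 items discussed above. Run from an elevated PowerShell prompt.
# Placeholders: replace with the key path and per-OS DWORD value name that
# Microsoft's CVE-2023-32019 guidance specifies for this Windows version.
$OverrideKey   = 'HKLM:\SOFTWARE\PLACEHOLDER_PATH_FROM_MICROSOFT_GUIDANCE'
$OverrideValue = 'PLACEHOLDER_VALUE_NAME'

function Get-OsInfo {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    # DisplayVersion holds the feature release (e.g. 21H2, 22H2) on 20H2 and later
    [pscustomobject]@{
        Caption        = $os.Caption
        DisplayVersion = $cv.DisplayVersion
        Build          = $os.BuildNumber
    }
}

function Test-EndOfServicing {
    param($Os)
    # Windows 10 21H2 received its last update with the June 2023 release.
    return ($Os.Caption -like '*Windows 10*' -and $Os.DisplayVersion -eq '21H2')
}

function Get-PgmExposure {
    # The PGM RCEs need the Message Queuing service (service name MSMQ); a host
    # without it is not exposed to them.
    $svc = Get-Service -Name MSMQ -ErrorAction SilentlyContinue
    if (-not $svc) { return 'MSMQ not installed' }
    return "MSMQ installed, status: $($svc.Status)"
}

function Test-KernelFixEnabled {
    # The CVE-2023-32019 fix ships disabled; it is active only when the
    # documented override value exists and is set to 1.
    $prop = Get-ItemProperty -Path $OverrideKey -Name $OverrideValue -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $false }
    return ($prop.$OverrideValue -eq 1)
}

$os = Get-OsInfo
$recent = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 3
[pscustomobject]@{
    OS              = "$($os.Caption) $($os.DisplayVersion) (build $($os.Build))"
    EndOfServicing  = Test-EndOfServicing -Os $os
    MessageQueuing  = Get-PgmExposure
    Cve202332019Fix = Test-KernelFixEnabled
    RecentHotfixes  = ($recent.HotFixID -join ', ')
} | Format-List
```

Run it once before and once after deploying the June updates so the before/after output documents that the kernel fix override was actually applied on each host.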
Additionally, security updates are released for various other Microsoft products and components, such as Windows Server, .NET Framework, and Azure Stack HCI.