Microsoft's September Patch Report Identified 2 Major Cyber Security Flaws
Today Microsoft has released their Tuesday monthly patch containing fixes for 59 flaws, and two actively exploited vulnerabilities.
3 Security Feature Bypass Vulnerabilities
24 Remote Code Execution Vulnerabilities
9 Information Disclosure Vulnerabilities
3 Denial of Service Vulnerabilities
5 Spoofing Vulnerabilities
5 Edge - Chromium Vulnerabilities
The total count of 59 flaws does not include five Microsoft Edge (Chromium) vulnerabilities, two non-Microsoft flaws in Electron and Autodesk.
Two actively exploited zero-day vulnerabilities
CVE-2023-36802 - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges. The flaw was discovered by Quan Jin(@jq0904) & ze0r with DBAPPSecurity WeBin Lab, Valentina Palmiotti with IBM X-Force, Microsoft Threat Intelligence, and Microsoft Security Response Center.
CVE-2023-36761 - Microsoft Word Information Disclosure Vulnerability. Microsoft has fixed an actively exploited vulnerability that can be used to steal NTLM hashes when opening a document, including in the preview pane. These NTLM hashes can be cracked or used in NTLM Relay attacks to gain access to the account. This flaw was discovered internally by the Microsoft Threat Intelligence group.
Internet Connection Sharing (ICS) RCE Vulnerability
One of the most critical vulnerabilities patched this month includes ‘Internet Connection Sharing (ICS)’. If enabled, attackers could end up executing code remotely to a victim’s device. While CVE-2023-38148 does have a CVSS base score of 8.8 and is more likely to be exploited according to Microsoft.
Visual Studio RCE Vulnerabilities
The majority of critically rated vulnerabilities this month are in Visual Studio. CVE-2023-36792, CVE-2023-36793, and CVE-2023-36796 are all rated as critical. In the case of these three vulnerabilities, the "remote" part only refers to the location of the attacker, the actual exploitation of the vulnerability must be done locally. CVE-2023-36794 is the last of the vulnerabilities fixed for Visual Studio this month but has the exact same description, however less severely rated than the other three mentioned.
Full List of September Patch Below:
CVE-2023-36794 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Important
CVE-2023-36796 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical
CVE-2023-36792 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical
CVE-2023-36793 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical
CVE-2023-36799 - With a CVSS score of 6.5 | Vulnerability: NET Core and Visual Studio Denial of Service | Important
CVE-2023-36788 - With a CVSS score of 7.8 | Vulnerability: NET Framework Remote Code Execution | Important
CVE-2023-36772 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important
CVE-2023-36771 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important
CVE-2023-36770 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important
CVE-2023-36773 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important
CVE-2022-41303 - No CVSS score | Vulnerability: AutoDesk: CVE-2022-41303 use-after-free in Autodesk® FBX® SDK 2020 or prior | Important
CVE-2023-36760 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important
CVE-2023-36740 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important
CVE-2023-36739 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important
CVE-2023-33136 - With a CVSS score of 8.8 | Vulnerability: Azure DevOps Server Remote Code Execution | Important
CVE-2023-38155 - With a CVSS score of 7.0 | Vulnerability: Azure DevOps Server Remote Code Execution | Important
CVE-2023-38156 - With a CVSS score of 7.2 | Vulnerability: Azure HDInsight Apache Ambari Elevation of Privilege | Important
CVE-2023-29332 - With a CVSS score of 7.5 | Vulnerability: Microsoft Azure Kubernetes Service Elevation of Privilege | Critical
CVE-2023-38164 - With a CVSS score of 7.6 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important
CVE-2023-36886 - With a CVSS score of 7.6 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important
CVE-2023-36800 - With a CVSS score of 7.6 | Vulnerability: Dynamics Finance and Operations Cross-site Scripting | Important
CVE-2023-4863 - No CVSS score | Vulnerability: Chromium: CVE-2023-4863 Heap buffer overflow in WebP | Unknown
CVE-2023-4763 - No CVSS score | Vulnerability: Chromium: CVE-2023-4763 Use after free in Networks | Unknown
CVE-2023-4761 - No CVSS score | Vulnerability: Chromium: CVE-2023-4761 Out of bounds memory access in FedCM | Unknown
CVE-2023-4764 - No CVSS score | Vulnerability: Chromium: CVE-2023-4764 Incorrect security UI in BFCache | Unknown
CVE-2023-4762 - No CVSS score | Vulnerability: Chromium: CVE-2023-4762 Type Confusion in V8 | Unknown
CVE-2023-36744 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important
CVE-2023-36756 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important
CVE-2023-36745 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important
CVE-2023-36777 - With a CVSS score of 5.7 | Vulnerability: Microsoft Exchange Server Information Disclosure | Important
CVE-2023-36757 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Spoofing | Important
CVE-2023-36736 - With a CVSS score of 4.4 | Vulnerability: Microsoft Identity Linux Broker Remote Code Execution | Important
CVE-2023-36767 - With a CVSS score of 4.3 | Vulnerability: Microsoft Office Security Feature Bypass | Important
CVE-2023-36765 - With a CVSS score of 7.8 | Vulnerability: Microsoft Office Elevation of Privilege | Important
CVE-2023-41764 - With a CVSS score of 5.5 | Vulnerability: Microsoft Office Spoofing | Moderate
CVE-2023-36766 - With a CVSS score of 7.8 | Vulnerability: Microsoft Excel Information Disclosure | Important
CVE-2023-36763 - With a CVSS score of 7.5 | Vulnerability: Microsoft Outlook Information Disclosure | Important
CVE-2023-36764 - With a CVSS score of 8.8 | Vulnerability: Microsoft SharePoint Server Elevation of Privilege | Important
CVE-2023-36761 - With a CVSS score of 6.2 | Vulnerability: Microsoft Word Information Disclosure | Important
CVE-2023-36762 - With a CVSS score of 7.3 | Vulnerability: Microsoft Word Remote Code Execution | Important
CVE-2023-36802 - With a CVSS score of 7.8 | Vulnerability: Microsoft Streaming Service Proxy Elevation of Privilege | Important
CVE-2023-38147 - With a CVSS score of 8.8 | Vulnerability: Windows Miracast Wireless Display Remote Code Execution | Important
CVE-2023-36758 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Elevation of Privilege | Important
CVE-2023-36759 - With a CVSS score of 6.7 | Vulnerability: Visual Studio Elevation of Privilege | Important
CVE-2023-36742 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Code Remote Code Execution | Important
CVE-2023-39956 - No CVSS score | Vulnerability: Electron - CVE-2023-39956 - Visual Studio Code Remote Code Execution | Important
CVE-2023-35355 - With a CVSS score of 7.8 | Vulnerability: Windows Cloud Files Mini Filter Driver Elevation of Privilege | Important
CVE-2023-38143 - With a CVSS score of 7.8 | Vulnerability: Windows Common Log File System Driver Elevation of Privilege | Important
CVE-2023-38144 - With a CVSS score of 7.8 | Vulnerability: Windows Common Log File System Driver Elevation of Privilege | Important
CVE-2023-38163 - With a CVSS score of 7.8 | Vulnerability: Windows Defender Attack Surface Reduction Security Feature Bypass | Important
CVE-2023-38152 - With a CVSS score of 5.3 | Vulnerability: DHCP Server Service Information Disclosure | Important
CVE-2023-38162 - With a CVSS score of 7.5 | Vulnerability: DHCP Server Service Denial of Service | Important
CVE-2023-36801 - With a CVSS score of 5.3 | Vulnerability: DHCP Server Service Information Disclosure | Important
CVE-2023-36804 - With a CVSS score of 7.8 | Vulnerability: Windows GDI Elevation of Privilege | Important
CVE-2023-38161 - With a CVSS score of 7.8 | Vulnerability: Windows GDI Elevation of Privilege | Important
CVE-2023-38148 - With a CVSS score of 8.8 | Vulnerability: Internet Connection Sharing (ICS) Remote Code Execution | Critical
CVE-2023-38141 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important
CVE-2023-38142 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important
CVE-2023-38139 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important
CVE-2023-38140 - With a CVSS score of 5.5 | Vulnerability: Windows Kernel Information Disclosure | Important
CVE-2023-38150 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important
CVE-2023-36803 - With a CVSS score of 5.5 | Vulnerability: Windows Kernel Information Disclosure | Important
CVE-2023-36805 - With a CVSS score of 7.0 | Vulnerability: Windows MSHTML Platform Security Feature Bypass | Important
CVE-2023-38160 - With a CVSS score of 5.5 | Vulnerability: Windows TCP/IP Information Disclosure | Important
CVE-2023-38149 - With a CVSS score of 7.5 | Vulnerability: Windows TCP/IP Denial of Service | Important
CVE-2023-38146 - With a CVSS score of 8.8 | Vulnerability: Windows Themes Remote Code Execution | Important
Check Out Our Related Articles Below:
Microsoft Patch Report & The NATO Summit Attack | August 2023
Microsoft July 2023 Patch Tuesday warns of 6 zero-days, 132 flaws
Microsoft Patch Fixes 80 Vulnerabilities | March 2023
Why Patching is IMPORTANT | “Cisco Talos” Reports Windows Policy Loophole Exploited at Kernel Level
Essential 8 | Patch Management
Your Security is our Priority
Your friendly Support Team
Speak to us about all your computer needs
This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.