Microsoft Reveals 3 Spooky October Cyber Flaws

Cyber Security
Written By Sidney Kirkman
Microsoft Reveals 3 Spooky October Cyber Flaws

Microsoft's monthly patch rollout has arrived with a report scarier than Halloween, showing the never-ending exploits hackers find every month, and even every week. 104 flaws were patched, including three zero-day vulnerabilities that are being actively exploited. The most dangerous exploit RCE (Remote code execution) accounted for 45 of the issues fixed, with 12 of those vulnerabilities classified as 'Critical.

  • 26 Elevation of Privilege Vulnerabilities

  • 3 Security Feature Bypass Vulnerabilities

  • 45 Remote Code Execution Vulnerabilities

  • 12 Information Disclosure Vulnerabilities

  • 17 Denial of Service Vulnerabilities

  • 1 Spoofing Vulnerabilities

The total count of 104 flaws does not include one Chromium vulnerability 

Three actively exploited zero-day vulnerabilities:

As part of this month's Patch Tuesday, Microsoft has addressed and patched three zero-day vulnerabilities, all of which were used in targeted attacks:

CVE-2023-41763  - Skype for Business Elevation of Privilege Vulnerability

Microsoft has corrected a vulnerability in Skype for Business that was actively being abused. Microsoft has stated that if an attacker were able to exploit this flaw, they could gain access to certain sensitive information. 

"An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker.," explains Microsoft.

"While the attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability)."

Dr. Florian Hauser (@frycos) discovered the flaw, which he disclosed in September 2022, but Microsoft declined to fix it at the time until recently. 

CVE-2023-36563 - Microsoft WordPad Information Disclosure Vulnerability

Microsoft has successfully addressed a flaw that was being actively exploited to steal NTLM (Windows New Technology LAN Manager ) hashes through WordPad. 

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system," explains Microsoft.

"Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file."

The flaw was discovered by Microsoft Threat Intelligence last month when patching a related flaw, CVE-2023-36761, during last month's patch rollout.

CVE-2023-44487 - HTTP/2 Rapid Reset Attack

Microsoft has announced a newly discovered zero-day exploit that uses a DDoS attack method named 'HTTP/2 Rapid Reset'. Investigations found that the exploit has been active since August. This attack exploits the stream cancellation feature of HTTP/2 to send and cancel requests continuously to the targeted server/application resulting in DoS conditions. As this feature being exploited is built into the HTTP/2 protocol, it cannot be completely patched. Microsoft has proposed to recommend disabling the HTTP/2 protocol on your web server as a mitigation step and also issued a dedicated article on HTTP/2 Rapid Reset. 

Full Patch List of October Below:

  1. CVE-2023-36722 - With a CVSS score of 4.4 | Vulnerability: Active Directory Domain Services Information Disclosure | Important

  2. CVE-2023-36737 - With a CVSS score of 7.8 | Vulnerability: Azure Network Watcher VM Agent Elevation of Privilege |
    Important

  3. CVE-2023-36419 - With a CVSS score of 8.8 | Vulnerability: Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege | Important

  4. CVE-2023-36561 - With a CVSS score of 7.3 | Vulnerability: Azure DevOps Server Elevation of Privilege | Important

  5. CVE-2023-36418 - With a CVSS score of 7.8 | Vulnerability: Azure RTOS GUIX Studio Remote Code Execution | Important

  6. CVE-2023-36414 - With a CVSS score of 8.8 | Vulnerability: Azure Identity SDK Remote Code Execution | Important

  7. CVE-2023-36415 - With a CVSS score of 8.8 | Vulnerability: Azure Identity SDK Remote Code Execution | Important

  8. CVE-2023-41766 - With a CVSS score of 7.8 | Vulnerability: Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege | Important

  9. CVE-2023-44487 - No CVSS score | Vulnerability: 3D Builder Remote Code Execution | Important

  10. CVE-2023-36566 - With a CVSS score of 6.5 | Vulnerability: Microsoft Common Data Model SDK Denial of Service | Important

  11. CVE-2023-44487 - No CVSS score | Vulnerability: MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack | Important

  12. CVE-2023-36566 - With a CVSS score of 6.5 | Vulnerability: Microsoft Common Data Model SDK Denial of Service | Important

  13. CVE-2023-36429 - With a CVSS score of 6.5 | Vulnerability: Microsoft Dynamics 365 (On-Premises) Information Disclosure | Important

  14. CVE-2023-36416 - With a CVSS score of 6.1 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important

  15. CVE-2023-36433 - With a CVSS score of 6.5 | Vulnerability: Microsoft Dynamics 365 (On-Premises) Information Disclosure | Important

  16. CVE-2023-5346 - No CVSS score | Vulnerability: Chromium: CVE-2023-5346 Type Confusion in V8 | Unknown

  17. CVE-2023-36778 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important

  18. CVE-2023-36594 - With a CVSS score of 7.8 | Vulnerability: Windows Graphics Component Elevation of Privilege | Important

  19. CVE-2023-38159 - With a CVSS score of 7.0 | Vulnerability: Windows Graphics Component Elevation of Privilege | Important

  20. CVE-2023-36565 - With a CVSS score of 7.0 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important

  21. CVE-2023-36569 - With a CVSS score of 8.4 | Vulnerability: Microsoft Office Elevation of Privilege | Important

  22. CVE-2023-36568 - With a CVSS score of 7.0 | Vulnerability: Microsoft Office Click-To-Run Elevation of Privilege | Important

  23. CVE-2023-38171 - With a CVSS score of 7.5 | Vulnerability: Microsoft QUIC Denial of Service | Important

  24. CVE-2023-36435 - With a CVSS score of 7.5 | Vulnerability: Microsoft QUIC Denial of Service | Important

  25. CVE-2023-36577 - With a CVSS score of 8.8 | Vulnerability: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution | Important

  26. CVE-2023-36710 - With a CVSS score of 7.8 | Vulnerability: Windows Media Foundation Core Remote Code Execution | Important

  27. CVE-2023-36564 - With a CVSS score of 6.5 | Vulnerability: Windows Search Security Feature Bypass | Important

  28. CVE-2023-36563 - With a CVSS score of 6.5 | Vulnerability: Microsoft WordPad Information Disclosure | Important

  29. CVE-2023-36786 - With a CVSS score of 7.2 | Vulnerability: Skype for Business Remote Code Execution | Important

  30. CVE-2023-36780 - With a CVSS score of 7.2 | Vulnerability: Skype for Business Remote Code Execution | Important

  31. CVE-2023-36789 - With a CVSS score of 7.2 | Vulnerability: Skype for Business Remote Code Execution | Important

  32. CVE-2023-41763 - With a CVSS score of 5.3 | Vulnerability: Skype for Business Elevation of Privilege | Important

  33. CVE-2023-36728 - With a CVSS score of 5.5 | Vulnerability: Microsoft SQL Server Denial of Service | Important

  34. CVE-2023-36417 - With a CVSS score of 7.8 | Vulnerability: Microsoft SQL ODBC Driver Remote Code Execution | Important

  35. CVE-2023-36785 - With a CVSS score of 7.8 | Vulnerability: Microsoft ODBC Driver for SQL Server Remote Code Execution | Important

  36. CVE-2023-36598 - With a CVSS score of 7.8 | Vulnerability: Microsoft WDAC ODBC Driver Remote Code Execution | Important

  37. CVE-2023-36730 - With a CVSS score of 7.8 | Vulnerability: Microsoft ODBC Driver for SQL Server Remote Code Execution | Important

  38. CVE-2023-36420 - With a CVSS score of 7.3 | Vulnerability: Microsoft ODBC Driver for SQL Server Remote Code Execution | Important

  39. CVE-2023-36585 - With a CVSS score of 7.5 | Vulnerability: Active Template Library Denial of Service | Important

  40. CVE-2023-36709 - With a CVSS score of 7.5 | Vulnerability: Microsoft AllJoyn API Denial of Service | Important

  41. CVE-2023-36902 - With a CVSS score of 7.0 | Vulnerability: Windows Runtime Remote Code Execution | Important

  42. CVE-2023-36713 - With a CVSS score of 5.5 | Vulnerability: Windows Common Log File System Driver Information Disclosure | Important

  43. CVE-2023-36723 - With a CVSS score of 7.8 | Vulnerability: Windows Deployment Services Denial of Service | Important

  44. CVE-2023-36707 - With a CVSS score of 6.5 | Vulnerability: Windows Deployment Services Denial of Service | Important

  45. CVE-2023-36567 - With a CVSS score of 7.5 | Vulnerability: Windows Deployment Services Information Disclosure | Important

  46. CVE-2023-36706 - With a CVSS score of 6.5 | Vulnerability: Windows Deployment Services Information Disclosure | Important

  47. CVE-2023-36703 - With a CVSS score of 7.5 | Vulnerability: DHCP Server Service Denial of Service | Important

  48. CVE-2023-36721 - With a CVSS score of 7.0 | Vulnerability: Windows Error Reporting Service Elevation of Privilege | Important

  49. CVE-2023-36436 - With a CVSS score of 7.8 | Vulnerability: Windows MSHTML Platform Remote Code Execution | Important

  50. CVE-2023-36557 - With a CVSS score of 7.8 | Vulnerability: PrintHTML API Remote Code Execution | Important

  51. CVE-2023-36434 - With a CVSS score of 9.8 | Vulnerability: Windows IIS Server Elevation of Privilege | Important

  52. CVE-2023-36726 - With a CVSS score of 7.8 | Vulnerability: Windows Internet Key Exchange (IKE) Extension Elevation of Privilege | Important

  53. CVE-2023-36576 - With a CVSS score of 5.5 | Vulnerability: Windows Kernel Information Disclosure | Important

  54. CVE-2023-36712 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  55. CVE-2023-36698 - With a CVSS score of 3.6 | Vulnerability: Windows Kernel Security Feature Bypass | Important

  56. CVE-2023-41770 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  57. CVE-2023-41765 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  58. CVE-2023-41767 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  59. CVE-2023-38166 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  60. CVE-2023-41774 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  61. CVE-2023-41773 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  62. CVE-2023-41771 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  63. CVE-2023-41769 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  64. CVE-2023-41768 - With a CVSS score of 8.1 | Vulnerability: Layer 2 Tunneling Protocol Remote Code Execution | Critical

  65. CVE-2023-36584 - With a CVSS score of 5.4 | Vulnerability: Windows Mark of the Web Security Feature Bypass | Important

  66. CVE-2023-36571 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  67. CVE-2023-36570 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  68. CVE-2023-36431 - With a CVSS score of 7.5 | Vulnerability: Microsoft Message Queuing Denial of Service | Important

  69. CVE-2023-35349 - With a CVSS score of 9.8 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Critical

  70. CVE-2023-36591 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  71. CVE-2023-36590 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  72. CVE-2023-36589 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  73. CVE-2023-36583 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  74. CVE-2023-36592 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  75. CVE-2023-36697 - With a CVSS score of 6.8 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Critical

  76. CVE-2023-36606 - With a CVSS score of 7.5 | Vulnerability: Microsoft Message Queuing Denial of Service | Important

  77. CVE-2023-36593 - With a CVSS score of 7.8 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  78. CVE-2023-36582 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  79. CVE-2023-36574 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  80. CVE-2023-36575 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  81. CVE-2023-36573 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  82. CVE-2023-36572 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  83. CVE-2023-36581 - With a CVSS score of 7.5 | Vulnerability: Microsoft Message Queuing Denial of Service | Important

  84. CVE-2023-36579 - With a CVSS score of 7.5 | Vulnerability: Microsoft Message Queuing Denial of Service | Important

  85. CVE-2023-36578 - With a CVSS score of 7.3 | Vulnerability: Microsoft Message Queuing Remote Code Execution | Important

  86. CVE-2023-36702 - With a CVSS score of 7.8 | Vulnerability: Microsoft DirectMusic Remote Code Execution | Important

  87. CVE-2023-36720 - With a CVSS score of 7.5 | Vulnerability: Windows Mixed Reality Developer Tools Denial of Service | Important

  88. CVE-2023-36729 - With a CVSS score of 7.8 | Vulnerability: Named Pipe File System Elevation of Privilege | Important

  89. CVE-2023-36605 - With a CVSS score of 7.4 | Vulnerability: Windows Named Pipe Filesystem Elevation of Privilege | Important

  90. CVE-2023-36725 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  91. CVE-2023-36724 - With a CVSS score of 5.5 | Vulnerability: Windows Power Management Service Information Disclosure | Important

  92. CVE-2023-36790 - With a CVSS score of 7.8 | Vulnerability: Windows RDP Encoder Mirror Driver Elevation of Privilege | Important

  93. CVE-2023-29348 - With a CVSS score of 6.5 | Vulnerability: Windows Remote Desktop Gateway (RD Gateway) Information Disclosure | Important

  94. CVE-2023-36596 - With a CVSS score of 6.5 | Vulnerability: Remote Procedure Call Information Disclosure | Important

  95. CVE-2023-36701 - With a CVSS score of 7.8 | Vulnerability: Microsoft Resilient File System (ReFS) Elevation of Privilege | Important

  96. CVE-2023-36711 - With a CVSS score of 7.8 | Vulnerability: Windows Runtime C++ Template Library Elevation of Privilege | Important

  97. CVE-2023-36704 - With a CVSS score of 7.8 | Vulnerability: Windows Setup Files Cleanup Remote Code Execution | Important

  98. CVE-2023-36438 - With a CVSS score of 7.5 | Vulnerability: Windows TCP/IP Information Disclosure | Important

  99. CVE-2023-36603 - With a CVSS score of 7.5 | Vulnerability: Windows TCP/IP Denial of Service | Important

  100. CVE-2023-36602 - With a CVSS score of 7.5 | Vulnerability: Windows TCP/IP Denial of Service | Important

  101. CVE-2023-36717 - With a CVSS score of 6.5 | Vulnerability: Windows Virtual Trusted Platform Module Denial of Service | Important

  102. CVE-2023-36718 - With a CVSS score of 7.8 | Vulnerability: Microsoft Virtual Trusted Platform Module Remote Code Execution | Critical

  103. CVE-2023-36731 - With a CVSS score of 7.8 | Vulnerability: Win32k Elevation of Privilege | Important

  104. CVE-2023-36732 - With a CVSS score of 7.8 | Vulnerability: Win32k Elevation of Privilege | Important

  105. CVE-2023-36776 - With a CVSS score of 7.0 | Vulnerability: Win32k Elevation of Privilege | Important

  106. CVE-2023-36743 - With a CVSS score of 7.8 | Vulnerability: Win32k Elevation of Privilege | Important

  107. CVE-2023-41772 - With a CVSS score of 7.8 | Vulnerability: Win32k Elevation of Privilege | Important

 

Your Security is our Priority

Your friendly Support Team

The Computer Department Logo

Speak to us about all your computer needs

This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.

Sidney Kirkman
Previous

Microsoft’s AI Suffer Data Breach
Next

The Privacy Act Review - What Small Business Operators Need to Know