Security Advisory 2023-064

Release Date:

Microsoft September 2023 Patch Tuesday

Download

History:

  • 13/09/2023 --- v1.0 -- Initial publication

Summary

Microsoft has released its September 2023 Patch Tuesday Security Updates, addressing a total of 59 CVEs, including two actively exploited zero-day vulnerabilities [1].

Technical Details

This month's patches fix two zero-day vulnerabilities that are known to be actively exploited in the wild and one of them publicly disclosed. These zero-day vulnerabilities are:

  • CVE-2023-36802 - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability [2];

Microsoft has fixed an actively exploited local privilege elevation vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

  • CVE-2023-36761 - Microsoft Word Information Disclosure Vulnerability [3];

Microsoft has fixed an actively exploited vulnerability that can be used to steal NTLM hashes when opening a document, including the Preview Pane. An attacker could exploit this vulnerability to allow the disclosure of NTLM hashes, which could be used in an NTLM relay-style attack.

Affected Products

Here is the full list with Microsoft's affected products and their respective vulnerabilities in the September 2023 Patch Tuesday updates:

TagCVEBase Score
Microsoft Azure Kubernetes ServiceCVE-2023-293327.5
Azure DevOpsCVE-2023-331368.8
Windows Cloud Files Mini Filter DriverCVE-2023-353557.8
Microsoft Identity Linux BrokerCVE-2023-367364.4
3D ViewerCVE-2023-367397.8
3D ViewerCVE-2023-367407.8
Visual Studio CodeCVE-2023-367427.8
Microsoft Exchange ServerCVE-2023-367448.0
Microsoft Exchange ServerCVE-2023-367458.0
Microsoft Exchange ServerCVE-2023-367568.0
Microsoft Exchange ServerCVE-2023-367578.0
Visual StudioCVE-2023-367587.8
Visual StudioCVE-2023-367596.7
3D ViewerCVE-2023-367607.8
Microsoft Office WordCVE-2023-367616.2
Microsoft Office WordCVE-2023-367627.3
Microsoft Office OutlookCVE-2023-367637.5
Microsoft Office SharePointCVE-2023-367648.8
Microsoft OfficeCVE-2023-367657.8
Microsoft Office ExcelCVE-2023-367667.8
Microsoft OfficeCVE-2023-367674.3
3D BuilderCVE-2023-367707.8
3D BuilderCVE-2023-367717.8
3D BuilderCVE-2023-367727.8
3D BuilderCVE-2023-367737.8
Microsoft Exchange ServerCVE-2023-367775.7
.NET FrameworkCVE-2023-367887.8
.NET and Visual StudioCVE-2023-367927.8
.NET and Visual StudioCVE-2023-367937.8
.NET and Visual StudioCVE-2023-367947.8
.NET and Visual StudioCVE-2023-367967.8
.NET Core & Visual StudioCVE-2023-367996.5
Microsoft Dynamics Finance & OperationsCVE-2023-368007.6
Windows DHCP ServerCVE-2023-368015.3
Microsoft Streaming ServiceCVE-2023-368027.8
Windows KernelCVE-2023-368035.5
Windows GDICVE-2023-368047.8
Windows ScriptingCVE-2023-368057.0
Microsoft DynamicsCVE-2023-368867.6
Windows KernelCVE-2023-381397.8
Windows KernelCVE-2023-381405.5
Windows KernelCVE-2023-381417.8
Windows KernelCVE-2023-381427.8
Windows Common Log File System DriverCVE-2023-381437.8
Windows Common Log File System DriverCVE-2023-381447.8
Windows ThemesCVE-2023-381468.8
Microsoft Windows Codecs LibraryCVE-2023-381478.8
Windows Internet Connection Sharing (ICS)CVE-2023-381488.8
Windows TCP/IPCVE-2023-381497.5
Windows KernelCVE-2023-381507.8
Windows DHCP ServerCVE-2023-381525.3
Azure DevOpsCVE-2023-381557.0
Azure HDInsightsCVE-2023-381567.2
Windows TCP/IPCVE-2023-381605.5
Windows GDICVE-2023-381617.8
Windows DHCP ServerCVE-2023-381627.5
Windows DefenderCVE-2023-381637.8
Microsoft DynamicsCVE-2023-381647.6
Microsoft OfficeCVE-2023-417645.5

Recommendations

Microsoft urges users to apply the security updates as soon as possible to protect their systems against potential exploitation. Users should review the detailed Microsoft advisory for each vulnerability and follow the steps provided to mitigate the risks associated with these vulnerabilities.

References

[1] https://msrc.microsoft.com/update-guide/releaseNote/2023-Sep

[2] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802

[3] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36761

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.