Today’s Microsoft Security Update includes the Microsoft Patch Tuesday checks in the NIRV 4.26.0 and Frontline Agent 1.63.0 releases.
- Microsoft included fixes for 74 vulnerabilities in this release, including 6 rated as Critical.
- Microsoft also released 2 security advisories this month with improvements related to defense in depth for Microsoft Office and the Memory Integrity System Readiness Scan Tool.
- A couple of the vulnerability fixes and defense in depth improvements included in this release are related to vulnerabilities being exploited in the wild.
- ADV230003
- This advisory is for a defense in depth improvement for Microsoft Office to block the attack chain required for successful exploitation of CVE-2023-36884.
- This CVE is being actively exploited by the Storm-0978 threat group (aka RomCom). More information about the exploit activity around CVE-2023-36884 can be found on here.
- CVE-2023-38180
- This CVE is for a Denial of Service vulnerability in .NET and Visual Studio that Microsoft indicated has been exploited but did not provide any additional details on the exploitation or attacks that used it.
- ADV230003
CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
CVE-2023-29328 | Microsoft Teams Remote Code Execution Vulnerability | Microsoft Teams | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2023-29330 | Microsoft Teams Remote Code Execution Vulnerability | Microsoft Teams | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2023-35359 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35368 | Microsoft Exchange Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36865 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36866 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36869 | Azure DevOps Server Spoofing Vulnerability | Azure DevOps | Important | 6.3 | Spoofing | No | No |
CVE-2023-36873 | .NET Framework Spoofing Vulnerability | .NET Framework | Important | 7.4 | Spoofing | No | No |
CVE-2023-36876 | Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability | Reliability Analysis Metrics Calculation Engine | Important | 7.1 | Elevation of Privilege | No | No |
CVE-2023-36882 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
ADV230003 | Microsoft Office Defense in Depth Update | Microsoft Office | Moderate | N/A | Defense in Depth | Yes | Yes |
CVE-2023-36889 | Windows Group Policy Security Feature Bypass Vulnerability | Windows Group Policy | Important | 5.5 | Security Feature Bypass | No | No |
CVE-2023-36898 | Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | Tablet Windows User Interface | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36899 | ASP.NET Elevation of Privilege Vulnerability | ASP.NET | Important | 7.5 | Elevation of Privilege | No | No |
CVE-2023-36900 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36903 | Windows System Assessment Tool Elevation of Privilege Vulnerability | Windows System Assessment Tool | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36904 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36905 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Windows Wireless Wide Area Network Service | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36906 | Windows Cryptographic Services Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36907 | Windows Cryptographic Services Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36908 | Windows Hyper-V Information Disclosure Vulnerability | Role: Windows Hyper-V | Important | 5.7 | Information Disclosure | No | No |
CVE-2023-36909 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 6.5 | Denial of Service | No | No |
CVE-2023-36910 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-36911 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-36912 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36913 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36914 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | Windows Smart Card | Important | 5.5 | Security Feature Bypass | No | No |
CVE-2023-35376 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 6.5 | Denial of Service | No | No |
CVE-2023-38254 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35377 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35378 | Windows Projected File System Elevation of Privilege Vulnerability | Windows Projected File System | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-35379 | Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | Windows Reliability Analysis Metrics Calculation Engine | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35380 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35381 | Windows Fax Service Remote Code Execution Vulnerability | Windows Fax and Scan Service | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35382 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35383 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 7.5 | Information Disclosure | No | No |
CVE-2023-35384 | Windows HTML Platforms Security Feature Bypass Vulnerability | Windows HTML Platform | Important | 5.4 | Security Feature Bypass | No | No |
CVE-2023-35385 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-35386 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35387 | Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | Windows Bluetooth A2DP driver | Important | 8.8 | Elevation of Privilege | No | No |
CVE-2023-35389 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | Microsoft Dynamics | Important | 6.5 | Remote Code Execution | No | No |
CVE-2023-35393 | Azure Apache Hive Spoofing Vulnerability | Azure HDInsights | Important | 4.5 | Spoofing | No | No |
CVE-2023-35394 | Azure HDInsight Jupyter Notebook Spoofing Vulnerability | Azure HDInsights | Important | 4.6 | Spoofing | No | No |
CVE-2023-38188 | Azure Apache Hadoop Spoofing Vulnerability | Azure HDInsights | Important | 4.5 | Spoofing | No | No |
CVE-2023-38186 | Windows Mobile Device Management Elevation of Privilege Vulnerability | Windows Mobile Device Management | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-38185 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-38184 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Windows LDAP - Lightweight Directory Access Protocol | Important | 7.5 | Remote Code Execution | No | No |
CVE-2023-38175 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Windows Defender | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-38172 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-38170 | HEVC Video Extensions Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-38169 | Microsoft OLE DB Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-38167 | Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability | Dynamics Business Central Control | Important | 7.2 | Elevation of Privilege | No | No |
CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Microsoft Exchange Server | Important | 9.8 | Elevation of Privilege | No | No |
CVE-2023-35371 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35372 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36877 | Azure Apache Oozie Spoofing Vulnerability | Azure HDInsights | Important | 4.5 | Spoofing | No | No |
CVE-2023-36881 | Azure Apache Ambari Spoofing Vulnerability | Azure HDInsights | Important | 4.5 | Spoofing | No | No |
CVE-2023-36890 | Microsoft SharePoint Server Information Disclosure Vulnerability | Microsoft Office SharePoint | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36891 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 8 | Spoofing | No | No |
CVE-2023-36892 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 8 | Spoofing | No | No |
CVE-2023-36893 | Microsoft Outlook Spoofing Vulnerability | Microsoft Office Outlook | Important | 6.5 | Spoofing | No | No |
CVE-2023-36894 | Microsoft SharePoint Server Information Disclosure Vulnerability | Microsoft Office SharePoint | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36895 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Critical | 7.8 | Remote Code Execution | No | No |
CVE-2023-36896 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36897 | Visual Studio Tools for Office Runtime Spoofing Vulnerability | Microsoft Office | Important | 8.1 | Spoofing | No | No |
CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
CVE-2023-20569 | AMD: CVE-2023-20569 Return Address Predictor | Microsoft Windows | Important | N/A | Information Disclosure | No | No |
CVE-2023-35390 | .NET and Visual Studio Remote Code Execution Vulnerability | .NET Core | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35391 | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | ASP.NET and Visual Studio | Important | 7.1 | Information Disclosure | No | No |
CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 8.8 | Spoofing | No | No |
CVE-2023-38180 | .NET and Visual Studio Denial of Service Vulnerability | ASP .NET | Important | 7.5 | Denial of Service | Yes | No |
CVE-2023-38178 | .NET Core and Visual Studio Denial of Service Vulnerability | .NET Core | Important | 7.5 | Denial of Service | No | No |
CVE-2023-38176 | Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | Azure Arc | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-38154 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
ADV230004 | Memory Integrity System Readiness Scan Tool Defense in Depth Update | Memory Integrity System Readiness Scan Tool | Moderate | N/A | Defense in Depth | No | Yes |
Prioritize the right vulnerabilities and accelerate your time-to-remediation
Watch this 3-minute video to see what Frontline VM can do for you.