Patch Tuesday Update - July 2023

By Vulnerability Research Team

Today’s Microsoft Security Update addressed 130 vulnerabilities, including 9 that are rated as Critical. This is double the number fixed last month, June 2023.

Microsoft included two security advisories this month, ADV230001 and ADV230002.
The ADV230001 security advisory addresses drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) that have been used maliciously in post-exploitation activities. Microsoft has suspended the developer accounts related to the affected drivers, marked the drivers as untrusted and revoked the affected driver signing certificates.

Multiple vulnerabilities included in this month's Patch Tuesday are currently being exploited in the wild, including one that does not currently have a patch, CVE-2023-36884.

  • CVE-2023-32046 requires a specially crafted file to exploit and would grant the attacker the same privileges as the user that executed it.
  • CVE-2023-32049 could allow attackers to bypass the Open File - Security Warning prompt. User interaction is required for this attack, as an attacker would need to convince a user to click on a malicious URL.
  • CVE-2023-36874 is a vulnerability that can be leveraged by an attacker to escalate privileges to that of an administrator.
  • For CVE-2023-36884, Microsoft is aware of targeted attacks attempting to exploit this vulnerability via a crafted Microsoft Office document to achieve remote code execution. However, for the attack to be successful the attacker would have to trick the victim into opening the malicious file. While this vulnerability does not currently have a patch, Microsoft has provided multiple mitigations until a patch is available. More information on the mitigations can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884.
  • CVE-2023-35311 is a vulnerability that would allow an attacker to bypass the Microsoft Outlook Security Notice prompt, but exploitation requires user interaction.

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.24.0 and Agent 1.62.0 releases.

| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2023-21756 | Windows Win32k Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-33148 | Microsoft Office Elevation of Privilege Vulnerability | Microsoft Office | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-33149 | Microsoft Office Graphics Remote Code Execution Vulnerability | Microsoft Graphics Component | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-33150 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 9.6 | Security Feature Bypass | No | No |
| CVE-2023-33151 | Microsoft Outlook Spoofing Vulnerability | Microsoft Office Outlook | Important | 6.5 | Spoofing | No | No |
| CVE-2023-33152 | Microsoft ActiveX Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7 | Remote Code Execution | No | No |
| CVE-2023-33153 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Important | 6.8 | Remote Code Execution | No | No |
| CVE-2023-33165 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Microsoft Office SharePoint | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2023-33166 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33167 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33168 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33169 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33172 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33173 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33174 | Windows Cryptographic Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-32033 | Microsoft Failover Cluster Remote Code Execution Vulnerability | Windows Cluster Server | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-32034 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-32035 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-32037 | Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | Windows Layer 2 Tunneling Protocol | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-32038 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-32039 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-32040 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-32041 | Windows Update Orchestrator Service Information Disclosure Vulnerability | Windows Update Orchestrator Service | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-32042 | OLE Automation Information Disclosure Vulnerability | Windows OLE | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-32043 | Windows Remote Desktop Security Feature Bypass Vulnerability | Windows Remote Desktop | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2023-32044 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-32045 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability | Windows MSHTML Platform | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability | Paint 3D | Important | 7.8 | Remote Code Execution | No | No |
| ADV230002 | Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules | Windows EFI Partition | Important | N/A | Security Feature Bypass | No | No |
| CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability | Windows SmartScreen | Important | 8.8 | Security Feature Bypass | Yes | No |
| CVE-2023-32050 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7 | Elevation of Privilege | No | No |
| CVE-2023-32051 | Raw Image Extension Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-35313 | Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-35314 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Windows Layer-2 Bridge Network Driver | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35316 | Remote Procedure Call Runtime Information Disclosure Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-35317 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Windows Server Update Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35318 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35319 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35320 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Windows Connected User Experiences and Telemetry | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35321 | Windows Deployment Services Denial of Service Vulnerability | Windows Deployment Services | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35322 | Windows Deployment Services Remote Code Execution Vulnerability | Windows Deployment Services | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35323 | Windows OLE Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-35324 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-35325 | Windows Print Spooler Information Disclosure Vulnerability | Windows Print Spooler Components | Important | 7.5 | Information Disclosure | No | No |
| CVE-2023-35326 | Windows CDP User Components Information Disclosure Vulnerability | Windows CDP User Components | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-35328 | Windows Transaction Manager Elevation of Privilege Vulnerability | Windows Transaction Manager | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability | Windows Authentication Methods | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35330 | Windows Extended Negotiation Denial of Service Vulnerability | Windows SPNEGO Extended Negotiation | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-35331 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Windows Local Security Authority (LSA) | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-35332 | Windows Remote Desktop Protocol Security Feature Bypass | Windows Remote Desktop | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | Microsoft Media-Wiki Extensions | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35336 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows MSHTML Platform | Important | 6.5 | Security Feature Bypass | No | No |
| CVE-2023-35337 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35338 | Windows Peer Name Resolution Protocol Denial of Service Vulnerability | Windows Peer Name Resolution Protocol | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability | Windows CryptoAPI | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-35340 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Windows CNG Key Isolation Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35341 | Microsoft DirectMusic Information Disclosure Vulnerability | Windows Media | Important | 6.2 | Information Disclosure | No | No |
| CVE-2023-35342 | Windows Image Acquisition Elevation of Privilege Vulnerability | Windows Image Acquisition | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35343 | Windows Geolocation Service Remote Code Execution Vulnerability | Windows Geolocation Service | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-35344 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-35345 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-35346 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-35347 | Microsoft Install Service Elevation of Privilege Vulnerability | Windows App Store | Important | 7.1 | Elevation of Privilege | No | No |
| CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability | Azure Active Directory | Important | 7.5 | Security Feature Bypass | No | No |
| CVE-2023-35350 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Windows Active Directory Certificate Services | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2023-35351 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Windows Active Directory Certificate Services | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Windows Remote Desktop | Critical | 7.5 | Security Feature Bypass | No | No |
| CVE-2023-35353 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Windows Connected User Experiences and Telemetry | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35356 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35357 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35358 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35360 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 7 | Elevation of Privilege | No | No |
| CVE-2023-35361 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 7 | Elevation of Privilege | No | No |
| CVE-2023-35362 | Windows Clip Service Elevation of Privilege Vulnerability | Windows Clip Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35363 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35364 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability | Microsoft Windows Codecs Library | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Windows Error Reporting | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability | Microsoft Office | Important | 8.3 | Remote Code Execution | Yes | Yes |
| CVE-2023-21526 | Windows Netlogon Information Disclosure Vulnerability | Windows Netlogon | Important | 7.4 | Information Disclosure | No | No |
| ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously | Windows Certificates | None | N/A | Defense in Depth | Yes | No |
| CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability | Windows Admin Center | Important | 8.7 | Spoofing | No | No |
| CVE-2023-33127 | .NET and Visual Studio Elevation of Privilege Vulnerability | .NET and Visual Studio | Important | 8.1 | Elevation of Privilege | No | No |
| CVE-2023-33134 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-33154 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Windows Partition Management Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-33155 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | Windows Defender | Important | 6.3 | Elevation of Privilege | No | No |
| CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability | Microsoft Office SharePoint | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2023-33158 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-33159 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Spoofing | No | No |
| CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2023-33161 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability | Microsoft Office Excel | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-33163 | Windows Network Load Balancing Remote Code Execution Vulnerability | Windows Network Load Balancing | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2023-33164 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability | ASP.NET and Visual Studio | Important | 8.1 | Security Feature Bypass | No | No |
| CVE-2023-33171 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 8.2 | Spoofing | No | No |
| CVE-2023-32052 | Microsoft Power Apps Spoofing Vulnerability | Microsoft Power Apps | Important | 5.4 | Spoofing | No | No |
| CVE-2023-32053 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-32054 | Volume Shadow Copy Elevation of Privilege Vulnerability | Windows Volume Shadow Copy | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2023-32055 | Active Template Library Elevation of Privilege Vulnerability | Windows Active Template Library | Important | 6.7 | Elevation of Privilege | No | No |
| CVE-2023-32056 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Windows Server Update Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2023-32083 | Microsoft Failover Cluster Information Disclosure Vulnerability | Windows Failover Cluster | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-32084 | HTTP.sys Denial of Service Vulnerability | Windows HTTP.sys | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-32085 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-35296 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Windows PGM | Critical | 7.5 | Remote Code Execution | No | No |
| CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability | Windows HTTP.sys | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-35299 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35300 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Windows Remote Procedure Call | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35302 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | Microsoft Printer Drivers | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35303 | USB Audio Class System Driver Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-35304 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35305 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35306 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-35308 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows MSHTML Platform | Important | 6.5 | Security Feature Bypass | No | No |
| CVE-2023-35309 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2023-35310 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability | Microsoft Office Outlook | Important | 8.8 | Security Feature Bypass | Yes | No |
| CVE-2023-35312 | Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | Windows VOLSNAP.SYS | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-35335 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 8.2 | Spoofing | No | No |
| CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability | Mono Authenticode | Important | 5.3 | Spoofing | No | No |
| CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability | Paint 3D | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Visual Studio Code | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability | Service Fabric | Important | 6.5 | Information Disclosure | No | No |
| CVE-2023-36871 | Azure Active Directory Security Feature Bypass Vulnerability | Azure Active Directory | Important | 6.5 | Security Feature Bypass | | |
