Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.29.0 and Agent 2.0 releases.
Microsoft addressed 104 vulnerabilities in this October 2023 release, including 12 rated as Critical and 45 Remote Code Execution vulnerabilities.
- Three of the CVEs included in this month's release are also being exploited in the wild.
  - HTTP/2 Rapid Reset Attack (CVE-2023-44487)
    - This vulnerability in HTTP/2 allows attackers to use a set number of HTTP/2 requests to drive up CPU utilization and requests per second on targeted servers, eventually leading to resource exhaustion.
    - See this Microsoft Response blog for more information.
  - Skype for Business Elevation of Privilege Vulnerability (CVE-2023-41763)
    - An unauthenticated attacker could leverage this vulnerability to force the Skype for Business server to make an HTTP request to an attacker-controlled host, which could reveal the IP or port of the Skype for Business server. Microsoft states that in some cases, the exposed information may be sufficient for an attacker to gain access to the internal network.
  - Microsoft WordPad Information Disclosure Vulnerability (CVE-2023-36563)
    - This information disclosure vulnerability could result in the disclosure of NTLM hashes if a local user was tricked into opening a malicious file.

CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
--- | --- | --- | --- | --- | --- | --- | --- |
CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-36902 | Windows Runtime Remote Code Execution Vulnerability | Windows Client/Server Runtime Subsystem | Important | 7 | Remote Code Execution | No | No |
CVE-2023-38171 | Microsoft QUIC Denial of Service Vulnerability | Microsoft QUIC | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36737 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Azure | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability | Skype for Business | Important | 5.3 | Elevation of Privilege | Yes | Yes |
CVE-2023-41765 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41766 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Client Server Run-time Subsystem (CSRSS) | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-41767 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41768 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41769 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41770 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41771 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41772 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-41773 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-41774 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-36732 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36731 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36730 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36729 | Named Pipe File System Elevation of Privilege Vulnerability | Windows Named Pipe File System | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability | SQL Server | Important | 5.5 | Denial of Service | No | No |
CVE-2023-36726 | Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability | Windows IKE Extension | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36725 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36724 | Windows Power Management Service Information Disclosure Vulnerability | Windows Power Management Service | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36723 | Windows Container Manager Service Elevation of Privilege Vulnerability | Windows Container Manager Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36722 | Active Directory Domain Services Information Disclosure Vulnerability | Active Directory Domain Services | Important | 4.4 | Information Disclosure | No | No |
CVE-2023-36721 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Windows Error Reporting | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36720 | Windows Mixed Reality Developer Tools Denial of Service Vulnerability | Windows Mixed Reality Developer Tools | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36718 | Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | Windows Virtual Trusted Platform Module | Critical | 7.8 | Remote Code Execution | No | No |
CVE-2023-36717 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Windows TPM | Important | 6.5 | Denial of Service | No | No |
CVE-2023-36713 | Windows Common Log File System Driver Information Disclosure Vulnerability | Windows Common Log File System Driver | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36712 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36711 | Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | Windows Runtime C++ Template Library | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36710 | Windows Media Foundation Core Remote Code Execution Vulnerability | Microsoft Windows Media Foundation | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36709 | Microsoft AllJoyn API Denial of Service Vulnerability | Windows AllJoyn API | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36707 | Windows Deployment Services Denial of Service Vulnerability | Windows Deployment Services | Important | 6.5 | Denial of Service | No | No |
CVE-2023-36706 | Windows Deployment Services Information Disclosure Vulnerability | Windows Deployment Services | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36704 | Windows Setup Files Cleanup Remote Code Execution Vulnerability | Windows Setup Files Cleanup | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36703 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36702 | Microsoft DirectMusic Remote Code Execution Vulnerability | Windows Microsoft DirectMusic | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36701 | Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | Windows Resilient File System (ReFS) | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36698 | Windows Kernel Security Feature Bypass Vulnerability | Windows Kernel | Important | 3.6 | Security Feature Bypass | No | No |
CVE-2023-36697 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 6.8 | Remote Code Execution | No | No |
CVE-2023-36606 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36605 | Windows Named Pipe Filesystem Elevation of Privilege Vulnerability | Windows Named Pipe File System | Important | 7.4 | Elevation of Privilege | No | No |
CVE-2023-36603 | Windows TCP/IP Denial of Service Vulnerability | Windows TCP/IP | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36602 | Windows TCP/IP Denial of Service Vulnerability | Windows TCP/IP | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36598 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | SQL Server | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36596 | Remote Procedure Call Information Disclosure Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36594 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36593 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36592 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36591 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36590 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36589 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36585 | Active Template Library Denial of Service Vulnerability | Windows Active Template Library | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36584 | Windows Mark of the Web Security Feature Bypass Vulnerability | Windows Mark of the Web (MOTW) | Important | 5.4 | Security Feature Bypass | No | No |
CVE-2023-36583 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36582 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36581 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36579 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36578 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36577 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36576 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36575 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36574 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36573 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36572 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36571 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36570 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36569 | Microsoft Office Elevation of Privilege Vulnerability | Microsoft Office | Important | 8.4 | Elevation of Privilege | No | No |
CVE-2023-36568 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Microsoft Office | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36567 | Windows Deployment Services Information Disclosure Vulnerability | Windows Deployment Services | Important | 7.5 | Information Disclosure | No | No |
CVE-2023-36564 | Windows Search Security Feature Bypass Vulnerability | Microsoft Windows Search Component | Important | 6.5 | Security Feature Bypass | No | No |
CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability | Microsoft WordPad | Important | 6.5 | Information Disclosure | Yes | Yes |
CVE-2023-36561 | Azure DevOps Server Elevation of Privilege Vulnerability | Azure DevOps | Important | 7.3 | Elevation of Privilege | No | No |
CVE-2023-36557 | PrintHTML API Remote Code Execution Vulnerability | Windows HTML Platform | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36438 | Windows TCP/IP Information Disclosure Vulnerability | Windows TCP/IP | Important | 7.5 | Information Disclosure | No | No |
CVE-2023-36435 | Microsoft QUIC Denial of Service Vulnerability | Microsoft QUIC | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36434 | Windows IIS Server Elevation of Privilege Vulnerability | Windows IIS | Important | 9.8 | Elevation of Privilege | No | No |
CVE-2023-36433 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Microsoft Dynamics | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36431 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36429 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Microsoft Dynamics | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36420 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 7.3 | Remote Code Execution | No | No |
CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability | Azure | Important | 8.8 | Elevation of Privilege | No | No |
CVE-2023-36417 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | SQL Server | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-44487 | MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack | HTTP/2 | Important | N/A | Denial of Service | Yes | No |
CVE-2023-29348 | Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | Windows RDP | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-38166 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Windows Layer 2 Tunneling Protocol | Critical | 8.1 | Remote Code Execution | No | No |
CVE-2023-38159 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36790 | Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability | Windows RDP | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36789 | Skype for Business Remote Code Execution Vulnerability | Skype for Business | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-36786 | Skype for Business Remote Code Execution Vulnerability | Skype for Business | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-36785 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36780 | Skype for Business Remote Code Execution Vulnerability | Skype for Business | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
CVE-2023-36776 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36743 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability | Microsoft Common Data Model SDK | Important | 6.5 | Denial of Service | No | No |
CVE-2023-36565 | Microsoft Office Graphics Elevation of Privilege Vulnerability | Microsoft Office | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36436 | Windows MSHTML Platform Remote Code Execution Vulnerability | Windows HTML Platform | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36418 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Azure Real Time Operating System | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36416 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 6.1 | Spoofing | No | No |
CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability | Azure SDK | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36414 | Azure Identity SDK Remote Code Execution Vulnerability | Azure SDK | Important | 8.8 | Remote Code Execution | No | No |