Microsoft Patch Tuesday November 2023
Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these vulnerabilities are already being exploited, and three have been made public before the release of the patches.
CVE-2023-36038: A denial of service vulnerability in ASP.NET Core. CVSS score of 8.2. This vulnerability was disclosed before the patch release.
CVE-2023-36413: A Microsoft Office security feature bypass. Exploiting this vulnerability will bypass the protected mode when opening a file received via the web. The file would open in editing mode, allowing malicious code execution. The vulnerability has been disclosed before the patch release.
CVE-2023-36036: A privilege escalation vulnerability in Microsoft's Windows Cloud Files Mini Filter Driver. This vulnerability is already being exploited.
CVE-2023-36033: A privilege escalation vulnerability in the Windows DWM Core Library. The vulnerability was exploited and disclosed before the patch release.
CVE-2023-36025: A security feature bypass vulnerability in Windows SmartScreen. This vulnerability was not public before the patch release, but it was already exploited.
Three of the vulnerabilities are considered critical. CVE-2023-36397, a remote code execution vulnerability in the Windows Pragmatic General Multicast (PGM) protocol, is noteworthy as we had patches for this in prior months. But exploitation should be difficult. It will require local network access and is not typically enabled.
Today's patches also included patches for several older open-source component vulnerabilities in Kubernetes, FRRouting, Traceroute, PyYAML. These affect Mariner Linux, the Linux variant used by Microsoft. I decided not to include them in the matrix below.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2023-36049 | No | No | - | - | Important | 7.6 | 6.8 |
ASP.NET Core - Security Feature Bypass Vulnerability | |||||||
CVE-2023-36558 | No | No | - | - | Important | 6.2 | 5.6 |
ASP.NET Core Denial of Service Vulnerability | |||||||
CVE-2023-36038 | Yes | No | - | - | Important | 8.2 | 7.1 |
ASP.NET Security Feature Bypass Vulnerability | |||||||
CVE-2023-36560 | No | No | - | - | Important | 8.8 | 7.7 |
Azure CLI REST Command Information Disclosure Vulnerability | |||||||
CVE-2023-36052 | No | No | - | - | Critical | 8.6 | 7.5 |
Azure DevOps Server Remote Code Execution Vulnerability | |||||||
CVE-2023-36437 | No | No | - | - | Important | 8.8 | 7.7 |
Chromium: CVE-2023-5480 Inappropriate implementation in Payments | |||||||
CVE-2023-5480 | No | No | - | - | - | ||
Chromium: CVE-2023-5482 Insufficient data validation in USB | |||||||
CVE-2023-5482 | No | No | - | - | - | ||
Chromium: CVE-2023-5849 Integer overflow in USB | |||||||
CVE-2023-5849 | No | No | - | - | - | ||
Chromium: CVE-2023-5850 Incorrect security UI in Downloads | |||||||
CVE-2023-5850 | No | No | - | - | - | ||
Chromium: CVE-2023-5851 Inappropriate implementation in Downloads | |||||||
CVE-2023-5851 | No | No | - | - | - | ||
Chromium: CVE-2023-5852 Use after free in Printing | |||||||
CVE-2023-5852 | No | No | - | - | - | ||
Chromium: CVE-2023-5853 Incorrect security UI in Downloads | |||||||
CVE-2023-5853 | No | No | - | - | - | ||
Chromium: CVE-2023-5854 Use after free in Profiles | |||||||
CVE-2023-5854 | No | No | - | - | - | ||
Chromium: CVE-2023-5855 Use after free in Reading Mode | |||||||
CVE-2023-5855 | No | No | - | - | - | ||
Chromium: CVE-2023-5856 Use after free in Side Panel | |||||||
CVE-2023-5856 | No | No | - | - | - | ||
Chromium: CVE-2023-5857 Inappropriate implementation in Downloads | |||||||
CVE-2023-5857 | No | No | - | - | - | ||
Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider | |||||||
CVE-2023-5858 | No | No | - | - | - | ||
Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture | |||||||
CVE-2023-5859 | No | No | - | - | - | ||
Chromium: CVE-2023-5996 Use after free in WebAudio | |||||||
CVE-2023-5996 | No | No | - | - | - | ||
DHCP Server Service Denial of Service Vulnerability | |||||||
CVE-2023-36392 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
CVE-2023-36410 | No | No | - | - | Important | 7.6 | 6.6 |
CVE-2023-36031 | No | No | - | - | Important | 7.6 | 6.6 |
CVE-2023-36016 | No | No | - | - | Important | 6.2 | 5.4 |
Microsoft Dynamics 365 Sales Spoofing Vulnerability | |||||||
CVE-2023-36030 | No | No | - | - | Important | 6.1 | 5.3 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||||
CVE-2023-36024 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
CVE-2023-36027 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||||
CVE-2023-36034 | No | No | Less Likely | Less Likely | Moderate | 7.3 | 6.4 |
CVE-2023-36022 | No | No | Less Likely | Less Likely | Moderate | 6.6 | 5.8 |
CVE-2023-36014 | No | No | Less Likely | Less Likely | Moderate | 7.3 | 6.4 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||||
CVE-2023-36029 | No | No | Less Likely | Less Likely | Moderate | 4.3 | 3.8 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2023-36041 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Excel Security Feature Bypass Vulnerability | |||||||
CVE-2023-36037 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Exchange Server Remote Code Execution Vulnerability | |||||||
CVE-2023-36439 | No | No | - | - | Important | 8.0 | 7.0 |
Microsoft Exchange Server Spoofing Vulnerability | |||||||
CVE-2023-36050 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2023-36039 | No | No | - | - | Important | 8.0 | 7.0 |
CVE-2023-36035 | No | No | - | - | Important | 8.0 | 7.0 |
Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | |||||||
CVE-2023-38151 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||||||
CVE-2023-36428 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft Office Graphics Remote Code Execution Vulnerability | |||||||
CVE-2023-36045 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Office Security Feature Bypass Vulnerability | |||||||
CVE-2023-36413 | Yes | No | - | - | Important | 6.5 | 5.7 |
Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | |||||||
CVE-2023-36021 | No | No | - | - | Important | 8.0 | 7.0 |
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | |||||||
CVE-2023-36028 | No | No | - | - | Important | 9.8 | 8.5 |
Microsoft Remote Registry Service Remote Code Execution Vulnerability | |||||||
CVE-2023-36423 | No | No | - | - | Important | 7.2 | 6.3 |
CVE-2023-36401 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability | |||||||
CVE-2023-36007 | No | No | - | - | Important | 7.6 | 6.6 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2023-38177 | No | No | - | - | Important | 6.1 | 5.3 |
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | |||||||
CVE-2023-36719 | No | No | - | - | Important | 8.4 | 7.3 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2023-36402 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Windows Defender Elevation of Privilege Vulnerability | |||||||
CVE-2023-36422 | No | No | - | - | Important | 7.8 | 6.8 |
Mitre: CVE-2023-24023 Bluetooth Vulnerability | |||||||
CVE-2023-24023 | No | No | - | - | Important | ||
Open Management Infrastructure Information Disclosure Vulnerability | |||||||
CVE-2023-36043 | No | No | - | - | Important | 6.5 | 6.1 |
Visual Studio Code Jupyter Extension Spoofing Vulnerability | |||||||
CVE-2023-36018 | No | No | - | - | Important | 7.8 | 6.8 |
Visual Studio Denial of Service Vulnerability | |||||||
CVE-2023-36042 | No | No | - | - | Important | 6.2 | 5.4 |
Windows Authentication Denial of Service Vulnerability | |||||||
CVE-2023-36046 | No | No | - | - | Important | 7.1 | 6.2 |
Windows Authentication Elevation of Privilege Vulnerability | |||||||
CVE-2023-36047 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-36036 | No | Yes | - | - | Important | 7.8 | 7.2 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-36424 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Compressed Folder Remote Code Execution Vulnerability | |||||||
CVE-2023-36396 | No | No | - | - | Important | 7.8 | 6.8 |
Windows DWM Core Library Elevation of Privilege Vulnerability | |||||||
CVE-2023-36033 | Yes | Yes | - | - | Important | 7.8 | 7.0 |
Windows Deployment Services Denial of Service Vulnerability | |||||||
CVE-2023-36395 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Distributed File System (DFS) Remote Code Execution Vulnerability | |||||||
CVE-2023-36425 | No | No | - | - | Important | 8.0 | 7.0 |
Windows HMAC Key Derivation Elevation of Privilege Vulnerability | |||||||
CVE-2023-36400 | No | No | - | - | Critical | 8.8 | 7.7 |
Windows Hyper-V Elevation of Privilege Vulnerability | |||||||
CVE-2023-36427 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-36408 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-36407 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Hyper-V Information Disclosure Vulnerability | |||||||
CVE-2023-36406 | No | No | - | - | Important | 5.5 | 4.8 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2023-36705 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2023-36405 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-36403 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2023-36404 | No | No | - | - | Important | 5.5 | 4.8 |
Windows NTFS Information Disclosure Vulnerability | |||||||
CVE-2023-36398 | No | No | - | - | Important | 6.5 | 5.7 |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||||||
CVE-2023-36397 | No | No | - | - | Critical | 9.8 | 8.5 |
Windows Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2023-36017 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Search Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-36394 | No | No | - | - | Important | 7.0 | 6.1 |
Windows SmartScreen Security Feature Bypass Vulnerability | |||||||
CVE-2023-36025 | No | Yes | - | - | Important | 8.8 | 8.2 |
Windows Storage Elevation of Privilege Vulnerability | |||||||
CVE-2023-36399 | No | No | - | - | Important | 7.1 | 6.2 |
Windows User Interface Application Core Remote Code Execution Vulnerability | |||||||
CVE-2023-36393 | No | No | - | - | Important | 7.8 | 6.8 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Comments