Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws



Today is Microsoft’s November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and 5 zero-day vulnerabilities.

While fourteen remote code execution (RCE) bugs were fixed, Microsoft only rated one as critical. The three critical flaws fixed today are an Azure information disclosure bug, an RCE in Windows Internet Connection Sharing (ICS), and a Hyper-V escape flaw that allows the execution of programs on the host with SYSTEM privileges.

The number of bugs in each vulnerability category is listed below:

  • 16 Elevation of Privilege Vulnerabilities
  • 6 Security Feature Bypass Vulnerabilities
  • 15 Remote Code Execution Vulnerabilities
  • 6 Information Disclosure Vulnerabilities
  • 5 Denial of Service Vulnerabilities
  • 11 Spoofing Vulnerabilities

The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.

To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5032190 cumulative update and Windows 10 KB5032189 cumulative update.

5 zero-days fixed

This month’s Patch Tuesday fixes 5 zero-day vulnerabilities, with three exploited in attacks and three publicly disclosed.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The three actively exploited zero-day vulnerabilities in today’s updates are:

CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Microsoft has fixed an actively exploited Windows Cloud Files Mini Filter Elevation of Privileges bug.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.

It is not known how the flaw was abused in attacks or by what threat actor.

The flaw was discovered internally by the Microsoft Threat Intelligence Microsoft Security Response Center.

CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability

Microsoft has fixed an actively exploited and publicly disclosed Windows DWM Core Library vulnerability that can be used to elevate privileges to SYSTEM.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.

Microsoft says that the flaw was discovered by Quan Jin (@jq0904) with DBAPPSecurity WeBin Lab but did not share details on how it was used in attacks.

CVE-2023-36025 – Windows SmartScreen Security Feature Bypass Vulnerability

Microsoft has fixed an actively exploited Windows SmartScreen flaw that allows a malicious Internet Shortcut to bypass security checks and warnings.

“The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts,” explains Microsoft.

“The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be compromised by the attacker,” continues Microsoft.

Microsoft says that the flaw was discovered by Will Metcalf (Splunk), Microsoft Threat Intelligence, and the Microsoft Office Product Group Security Team.

BleepingComputer contacted Splunk about the flaw to learn how it was exploited.

In addition, Microsoft says that two other publicly disclosed zero-day bugs, ‘CVE-2023-36413 – Microsoft Office Security Feature Bypass Vulnerability’ and ‘CVE-2023-36038 – ASP.NET Core Denial of Service Vulnerability,’ were also fixed as part of today’s Patch Tuesday.

However, Microsoft says that they were not actively exploited in attacks.

Recent updates from other companies

Other vendors who released updates or advisories in November 2023 include:

The November 2023 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the November 2023 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

| Tag | CVE ID | CVE Title | Severity |
| --- | --- | --- | --- |
| .NET Framework | CVE-2023-36049 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Important |
| ASP.NET | CVE-2023-36560 | ASP.NET Security Feature Bypass Vulnerability | Important |
| ASP.NET | CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | Important |
| ASP.NET | CVE-2023-36558 | ASP.NET Core – Security Feature Bypass Vulnerability | Important |
| Azure | CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | Critical |
| Azure | CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | Important |
| Azure | CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | Important |
| Azure DevOps | CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
| Mariner | CVE-2020-1747 | Unknown | Unknown |
| Mariner | CVE-2023-46316 | Unknown | Unknown |
| Mariner | CVE-2023-46753 | Unknown | Unknown |
| Mariner | CVE-2020-8554 | Unknown | Unknown |
| Mariner | CVE-2020-14343 | Unknown | Unknown |
| Microsoft Bluetooth Driver | CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36007 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics 365 Sales | CVE-2023-36030 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36014 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-5996 | Chromium: CVE-2023-5996 Use after free in WebAudio | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-36027 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36029 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-5480 | Chromium: CVE-2023-5480 Inappropriate implementation in Payments | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5856 | Chromium: CVE-2023-5856 Use after free in Side Panel | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5855 | Chromium: CVE-2023-5855 Use after free in Reading Mode | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5854 | Chromium: CVE-2023-5854 Use after free in Profiles | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5859 | Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5858 | Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5857 | Chromium: CVE-2023-5857 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5850 | Chromium: CVE-2023-5850 Incorrect security UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5849 | Chromium: CVE-2023-5849 Integer overflow in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5482 | Chromium: CVE-2023-5482 Insufficient data validation in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5853 | Chromium: CVE-2023-5853 Incorrect security UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5852 | Chromium: CVE-2023-5852 Use after free in Printing | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5851 | Chromium: CVE-2023-5851 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36034 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Exchange Server | CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Office | CVE-2023-36413 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office | CVE-2023-36045 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-36041 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-38177 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Remote Registry Service | CVE-2023-36423 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
| Microsoft Remote Registry Service | CVE-2023-36401 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-36402 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows Search Component | CVE-2023-36394 | Windows Search Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Speech | CVE-2023-36719 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | Important |
| Open Management Infrastructure | CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability | Important |
| Tablet Windows User Interface | CVE-2023-36393 | Windows User Interface Application Core Remote Code Execution Vulnerability | Important |
| Visual Studio | CVE-2023-36042 | Visual Studio Denial of Service Vulnerability | Important |
| Visual Studio Code | CVE-2023-36018 | Visual Studio Code Jupyter Extension Spoofing Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36047 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36428 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36046 | Windows Authentication Denial of Service Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2023-36424 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Compressed Folder | CVE-2023-36396 | Windows Compressed Folder Remote Code Execution Vulnerability | Important |
| Windows Defender | CVE-2023-36422 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important |
| Windows Deployment Services | CVE-2023-36395 | Windows Deployment Services Denial of Service Vulnerability | Important |
| Windows DHCP Server | CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows Distributed File System (DFS) | CVE-2023-36425 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Important |
| Windows DWM Core Library | CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows HMAC Key Derivation | CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | Critical |
| Windows Hyper-V | CVE-2023-36427 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36407 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36406 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36408 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2023-36705 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| Windows Kernel | CVE-2023-36405 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-36404 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2023-36403 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2023-36398 | Windows NTFS Information Disclosure Vulnerability | Important |
| Windows Protected EAP (PEAP) | CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Important |
| Windows Scripting | CVE-2023-36017 | Windows Scripting Engine Memory Corruption Vulnerability | Important |
| Windows SmartScreen | CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability | Important |
| Windows Storage | CVE-2023-36399 | Windows Storage Elevation of Privilege Vulnerability | Important |


