Microsoft August 2023 Patch Tuesday

Published: 2023-08-08. Last Updated: 2023-08-08 17:55:38 UTC
by Renato Marinho (Version: 1)

This month we got patches for 88 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is the .NET and Visual Studio Denial of Service Vulnerability (CVE-2023-38180). Its maximum severity is Important and its CVSS score is 7.5.

The other exploited vulnerability is the Microsoft Office Defense in Depth Update (ADV230003). According to the advisory, this defense-in-depth update is not a vulnerability, but installing it stops the attack chain leading to the Windows Search security feature bypass vulnerability (CVE-2023-36884). Microsoft recommends installing the Office updates discussed in this advisory as well as the Windows updates from August 2023.

Moving to critical vulnerabilities, there are Remote Code Execution (RCE) vulnerabilities affecting Microsoft Message Queuing (CVE-2023-35385, CVE-2023-36910, and CVE-2023-36911). According to the advisory, the Windows message queuing service, a Windows component, must be enabled for a system to be exploitable. This feature can be added via the Control Panel. You can check whether a service named Message Queuing is running and whether TCP port 1801 is listening on the machine. Successful exploitation could allow an unauthenticated attacker to remotely execute code on the target server. The attack complexity is low, and no privileges or user interaction are required. The CVSS for these vulnerabilities is 9.8.
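The check described above, written as a PowerShell function (an added example, not part of the original diary or Microsoft's advisory). It assumes the standard short service name MSMQ for the Message Queuing service and flags a host when the service is running or TCP 1801 is listening on a non-loopback address; the function and property names are illustrative.

```powershell
# Added example: report whether this host meets the MSMQ exposure conditions
# described above (Message Queuing service running, TCP 1801 listening).
function Get-MsmqExposure {
    [CmdletBinding()]
    param()

    # 'MSMQ' is the short service name behind the "Message Queuing" display name.
    $svc = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue

    # Listening sockets on TCP 1801, plus the owning process for confirmation.
    $listeners = @(Get-NetTCPConnection -LocalPort 1801 -State Listen -ErrorAction SilentlyContinue)
    $owners = $listeners |
        ForEach-Object { Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue } |
        Select-Object -ExpandProperty ProcessName -Unique

    # A listener bound only to loopback is not reachable from the network.
    $remoteBind = @($listeners | Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' })

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        ServiceInstalled = [bool]$svc
        ServiceStatus    = if ($svc) { [string]$svc.Status } else { 'NotInstalled' }
        StartType        = if ($svc) { [string]$svc.StartType } else { $null }
        Port1801Listen   = $listeners.Count -gt 0
        ListenAddresses  = ($listeners.LocalAddress | Sort-Object -Unique) -join ','
        OwningProcess    = $owners -join ','
        # Flag the host if the service is running or 1801 is network-reachable.
        NeedsAttention   = ($svc -and $svc.Status -eq 'Running') -or ($remoteBind.Count -gt 0)
    }
}

Get-MsmqExposure | Format-List
```

Hosts that report NeedsAttention as True are the ones to prioritize for the August 2023 Windows updates.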

August 2023 Security Updates

Description
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG)
-- no title --
CVE-2023-35945 No No - - - 7.5 7.5
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2023-38178 No No - - Important 7.5 6.5
.NET Framework Spoofing Vulnerability
CVE-2023-36873 No No - - Important 7.4 6.7
.NET and Visual Studio Denial of Service Vulnerability
CVE-2023-38180 No Yes - - Important 7.5 6.7
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-35390 No No - - Important 7.8 7.0
AMD: CVE-2023-20569 Return Address Predictor
CVE-2023-20569 No No - - Important    
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
CVE-2023-35391 No No - - Important 7.1 6.4
ASP.NET Elevation of Privilege Vulnerability
CVE-2023-36899 No No - - Important 7.5 6.7
Azure Apache Ambari Spoofing Vulnerability
CVE-2023-36881 No No - - Important 4.5 3.9
Azure Apache Hadoop Spoofing Vulnerability
CVE-2023-38188 No No - - Important 4.5 3.9
Azure Apache Hive Spoofing Vulnerability
CVE-2023-35393 No No - - Important 4.5 3.9
Azure Apache Oozie Spoofing Vulnerability
CVE-2023-36877 No No - - Important 4.5 3.9
Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
CVE-2023-38176 No No - - Important 7.0 6.1
Azure DevOps Server Spoofing Vulnerability
CVE-2023-36869 No No - - Important 6.3 6.0
Azure HDInsight Jupyter Notebook Spoofing Vulnerability
CVE-2023-35394 No No - - Important 4.6 4.0
Chromium: CVE-2023-4068 Type Confusion in V8
CVE-2023-4068 No No - - -    
Chromium: CVE-2023-4069 Type Confusion in V8
CVE-2023-4069 No No - - -    
Chromium: CVE-2023-4070 Type Confusion in V8
CVE-2023-4070 No No - - -    
Chromium: CVE-2023-4071 Heap buffer overflow in Visuals
CVE-2023-4071 No No - - -    
Chromium: CVE-2023-4072 Out of bounds read and write in WebGL
CVE-2023-4072 No No - - -    
Chromium: CVE-2023-4073 Out of bounds memory access in ANGLE
CVE-2023-4073 No No - - -    
Chromium: CVE-2023-4074 Use after free in Blink Task Scheduling
CVE-2023-4074 No No - - -    
Chromium: CVE-2023-4075 Use after free in Cast
CVE-2023-4075 No No - - -    
Chromium: CVE-2023-4076 Use after free in WebRTC
CVE-2023-4076 No No - - -    
Chromium: CVE-2023-4077 Insufficient data validation in Extensions
CVE-2023-4077 No No - - -    
Chromium: CVE-2023-4078 Inappropriate implementation in Extensions
CVE-2023-4078 No No - - -    
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2023-38170 No No - - Important 7.8 6.8
Memory Integrity System Readiness Scan Tool Defense in Depth Update
ADV230004 Yes No - - Moderate    
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2023-35389 No No - - Important 6.5 5.7
Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability
CVE-2023-38167 No No - - Important 7.2 6.3
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-38157 No No Less Likely Less Likely Moderate 6.5 5.7
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-36896 No No - - Important 7.8 6.8
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2023-35368 No No - - Important 8.8 7.7
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21709 No No - - Important 9.8 8.5
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38185 No No - - Important 8.8 7.7
CVE-2023-35388 No No - - Important 8.0 7.0
CVE-2023-38182 No No - - Important 8.0 7.0
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-38181 No No - - Important 8.8 7.7
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36909 No No - - Important 6.5 5.7
CVE-2023-36912 No No - - Important 7.5 6.5
CVE-2023-35376 No No - - Important 6.5 5.7
CVE-2023-38254 No No - - Important 6.5 5.7
CVE-2023-35377 No No - - Important 6.5 5.7
CVE-2023-38172 No No - - Important 7.5 6.5
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2023-36913 No No - - Important 6.5 5.7
CVE-2023-35383 No No - - Important 7.5 6.5
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36910 No No - - Critical 9.8 8.5
CVE-2023-36911 No No - - Critical 9.8 8.5
CVE-2023-35385 No No - - Critical 9.8 8.5
Microsoft OLE DB Remote Code Execution Vulnerability
CVE-2023-38169 No No - - Important 8.8 7.7
Microsoft Office Defense in Depth Update
ADV230003 Yes Yes - - Moderate    
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-35371 No No - - Important 7.8 6.8
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-36865 No No - - Important 7.8 6.8
CVE-2023-36866 No No - - Important 7.8 6.8
CVE-2023-35372 No No - - Important 7.8 6.8
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-36895 No No - - Critical 7.8 6.8
Microsoft Outlook Spoofing Vulnerability
CVE-2023-36893 No No - - Important 6.5 5.7
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2023-36890 No No - - Important 6.5 5.7
CVE-2023-36894 No No - - Important 6.5 5.7
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-36891 No No - - Important 8.0 7.0
CVE-2023-36892 No No - - Important 8.0 7.0
Microsoft Teams Remote Code Execution Vulnerability
CVE-2023-29328 No No - - Critical 8.8 7.7
CVE-2023-29330 No No - - Critical 8.8 7.7
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36882 No No - - Important 8.8 7.7
Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2023-38175 No No - - Important 7.8 6.8
Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability
CVE-2023-36876 No No - - Important 7.1 6.2
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability
CVE-2023-35379 No No - - Important 7.8 6.8
Tablet Windows User Interface Application Core Remote Code Execution Vulnerability
CVE-2023-36898 No No - - Important 7.8 6.8
Visual Studio Tools for Office Runtime Spoofing Vulnerability
CVE-2023-36897 No No - - Important 8.1 7.3
Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability
CVE-2023-35387 No No - - Important 8.8 7.7
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-36904 No No - - Important 7.8 6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-36900 No No - - Important 7.8 6.8
Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2023-36906 No No - - Important 5.5 4.8
CVE-2023-36907 No No - - Important 5.5 4.8
Windows Fax Service Remote Code Execution Vulnerability
CVE-2023-35381 No No - - Important 8.8 7.7
Windows Group Policy Security Feature Bypass Vulnerability
CVE-2023-36889 No No - - Important 5.5 4.8
Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2023-35384 No No - - Important 5.4 4.7
Windows Hyper-V Information Disclosure Vulnerability
CVE-2023-36908 No No - - Important 5.7 5.0
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35359 No No - - Important 7.8 6.8
CVE-2023-35380 No No - - Important 7.8 6.8
CVE-2023-35382 No No - - Important 7.8 6.8
CVE-2023-35386 No No - - Important 7.8 6.8
CVE-2023-38154 No No - - Important 7.8 6.8
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2023-38184 No No - - Important 7.5 6.5
Windows Mobile Device Management Elevation of Privilege Vulnerability
CVE-2023-38186 No No - - Important 7.8 6.8
Windows Projected File System Elevation of Privilege Vulnerability
CVE-2023-35378 No No - - Important 7.0 6.1
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
CVE-2023-36914 No No - - Important 5.5 4.8
Windows System Assessment Tool Elevation of Privilege Vulnerability
CVE-2023-36903 No No - - Important 7.8 6.8
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2023-36905 No No - - Important 5.5 4.8

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

--
Renato Marinho
Morphus Labs| LinkedIn|Twitt
