Microsoft September 2023 Patch Tuesday

Published: 2023-09-12. Last Updated: 2023-09-12 20:37:17 UTC
by Renato Marinho (Version: 1)
1 comment(s)

This month we got patches for 66 vulnerabilities. Of these, 5 are critical, and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is a Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability (CVE-2023-36802). According to the advisory, an attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The CVSS for this vulnerability is 6.8.

The second one is a Microsoft Word Information Disclosure Vulnerability (CVE-2023-36761). According to the advisory, the Preview Pane is an attack vector and exploiting this vulnerability could allow the disclosure of NTLM hashes. 

Regarding critical vulnerabilities, one of them is a Remote Code Execution (RCE) vulnerability on Internet Connection Sharing (ICS) (CVE-2023-38148). According to the advisory, an unauthorized attacker could exploit this Internet Connection Sharing (ICS) vulnerability by sending a specially crafted network packet to the Internet Connection Sharing (ICS) Service. This vulnerability requires no user interaction and no privileges. The CVSS is 8.8 -  the highest for this month.

The second highest CVSS this month is associated to a RCE affecting Visual Studio (CVE-2023-36793). To exploit this vulnerability an attacker would have to convince a user to open a maliciously crafted package file in Visual Studio. The CVSS is 7.8.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
 

September 2023 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2023-36799 No No - - Important 6.5 5.7
.NET Framework Remote Code Execution Vulnerability
CVE-2023-36788 No No - - Important 7.8 6.8
3D Builder Remote Code Execution Vulnerability
CVE-2023-36773 No No - - Important 7.8 6.8
CVE-2023-36772 No No - - Important 7.8 6.8
CVE-2023-36771 No No - - Important 7.8 6.8
CVE-2023-36770 No No - - Important 7.8 6.8
3D Viewer Remote Code Execution Vulnerability
CVE-2023-36760 No No - - Important 7.8 6.8
CVE-2023-36740 No No - - Important 7.8 6.8
CVE-2023-36739 No No - - Important 7.8 6.8
AutoDesk: CVE-2022-41303 use-after-free vulnerability in Autodesk® FBX® SDK 2020 or prior
CVE-2022-41303 No No Less Likely Less Likely Important    
Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-33136 No No - - Important 8.8 7.7
CVE-2023-38155 No No - - Important 7.0 6.3
Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability
CVE-2023-38156 No No - - Important 7.2 6.3
Chromium: CVE-2023-4761 Out of bounds memory access in FedCM
CVE-2023-4761 No No - - -    
Chromium: CVE-2023-4762 Type Confusion in V8
CVE-2023-4762 No No - - -    
Chromium: CVE-2023-4763 Use after free in Networks
CVE-2023-4763 No No - - -    
Chromium: CVE-2023-4764 Incorrect security UI in BFCache
CVE-2023-4764 No No - - -    
Chromium: CVE-2023-4863 Heap buffer overflow in WebP
CVE-2023-4863 No No - - -    
DHCP Server Service Denial of Service Vulnerability
CVE-2023-38162 No No - - Important 7.5 6.5
DHCP Server Service Information Disclosure Vulnerability
CVE-2023-38152 No No - - Important 5.3 4.6
CVE-2023-36801 No No - - Important 5.3 4.6
Dynamics Finance and Operations Cross-site Scripting Vulnerability
CVE-2023-36800 No No - - Important 7.6 6.6
Electron: CVE-2023-39956 -Visual Studio Code Remote Code Execution Vulnerability
CVE-2023-39956 No No - - Important    
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
CVE-2023-38148 No No - - Critical 8.8 7.7
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
CVE-2023-29332 No No - - Critical 7.5 6.5
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36886 No No - - Important 7.6 6.6
CVE-2023-38164 No No - - Important 7.6 6.6
Microsoft Excel Information Disclosure Vulnerability
CVE-2023-36766 No No - - Important 7.8 6.8
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2023-36777 No No - - Important 5.7 5.0
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36756 No No - - Important 8.0 7.0
CVE-2023-36745 No No - - Important 8.0 7.0
CVE-2023-36744 No No - - Important 8.0 7.0
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36757 No No - - Important 8.0 7.0
Microsoft Identity Linux Broker Remote Code Execution Vulnerability
CVE-2023-36736 No No - - Important 4.4 3.9
Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-36765 No No - - Important 7.8 6.8
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-36767 No No - - Important 4.3 3.8
Microsoft Office Spoofing Vulnerability
CVE-2023-41764 No No - - Moderate 5.5 4.8
Microsoft Outlook Information Disclosure Vulnerability
CVE-2023-36763 No No - - Important 7.5 6.5
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-36764 No No - - Important 8.8 7.7
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
CVE-2023-36802 No Yes - - Important 7.8 6.8
Microsoft Word Information Disclosure Vulnerability
CVE-2023-36761 Yes Yes - - Important 6.2 5.6
Microsoft Word Remote Code Execution Vulnerability
CVE-2023-36762 No No - - Important 7.3 6.4
Visual Studio Code Remote Code Execution Vulnerability
CVE-2023-36742 No No - - Important 7.8 6.8
Visual Studio Elevation of Privilege Vulnerability
CVE-2023-36759 No No - - Important 6.7 5.8
CVE-2023-36758 No No - - Important 7.8 6.8
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36796 No No - - Critical 7.8 6.8
CVE-2023-36794 No No - - Important 7.8 6.8
CVE-2023-36793 No No - - Critical 7.8 6.8
CVE-2023-36792 No No - - Critical 7.8 6.8
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-35355 No No - - Important 7.8 6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-38144 No No - - Important 7.8 6.8
CVE-2023-38143 No No - - Important 7.8 6.8
Windows Defender Attack Surface Reduction Security Feature Bypass
CVE-2023-38163 No No - - Important 7.8 6.8
Windows GDI Elevation of Privilege Vulnerability
CVE-2023-38161 No No - - Important 7.8 6.8
CVE-2023-36804 No No - - Important 7.8 6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38150 No No - - Important 7.8 7.0
CVE-2023-38142 No No - - Important 7.8 6.8
CVE-2023-38141 No No - - Important 7.8 6.8
CVE-2023-38139 No No - - Important 7.8 6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2023-38140 No No - - Important 5.5 4.8
CVE-2023-36803 No No - - Important 5.5 4.8
Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2023-36805 No No Less Likely Less Likely Important 7.0 6.1
Windows Miracast Wireless Display Remote Code Execution Vulnerability
CVE-2023-38147 No No - - Important 8.8 7.7
Windows TCP/IP Denial of Service Vulnerability
CVE-2023-38149 No No - - Important 7.5 6.5
Windows TCP/IP Information Disclosure Vulnerability
CVE-2023-38160 No No - - Important 5.5 4.8
Windows Themes Remote Code Execution Vulnerability
CVE-2023-38146 No No - - Important 8.8 7.7

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:
1 comment(s)
ISC Stormcast For Tuesday, September 12th, 2023 https://isc.sans.edu/podcastdetail/8654

Comments


Diary Archives