Today is Microsoft’s September 2023 Patch Tuesday, with security updates for 59 flaws, including two actively exploited zero-day vulnerabilities.
While twenty-four RCE bugs were fixed, Microsoft only rated five as ‘Critical’ — four remote code execution flaws and Azure Kubernetes Service elevation of privilege vulnerability.
The number of bugs in each vulnerability category is listed below:
- 3 Security Feature Bypass Vulnerabilities
- 24 Remote Code Execution Vulnerabilities
- 9 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 5 Spoofing Vulnerabilities
- 5 Edge – Chromium Vulnerabilities
The total count of 59 flaws does not include five Microsoft Edge (Chromium) vulnerabilities two non-Microsoft flaws in Electron and Autodesk.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5030219 cumulative update and Windows 10 KB5030211 updates released.
Two actively exploited zero-day vulnerabilities
This month’s Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The two actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges.
The flaw was discovered by Quan Jin(@jq0904) & ze0r with DBAPPSecurity WeBin Lab, Valentina Palmiotti with IBM X-Force, Microsoft Threat Intelligence, and Microsoft Security Response Center.
CVE-2023-36761 – Microsoft Word Information Disclosure Vulnerability
Microsoft has fixed an actively exploited vulnerability that can be used to steal NTLM hashes when opening a document, including in the preview pane.
These NTLM hashes can be cracked or used in NTLM Relay attacks to gain access to the account.
This flaw was discovered internally by the Microsoft Threat Intelligence group.
Recent updates from other companies
Other vendors who released updates or advisories in September 2023 include:
The September 2023 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the September 2023 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET and Visual Studio | CVE-2023-36794 | Visual Studio Remote Code Execution Vulnerability | Important |
| .NET and Visual Studio | CVE-2023-36796 | Visual Studio Remote Code Execution Vulnerability | Critical |
| .NET and Visual Studio | CVE-2023-36792 | Visual Studio Remote Code Execution Vulnerability | Critical |
| .NET and Visual Studio | CVE-2023-36793 | Visual Studio Remote Code Execution Vulnerability | Critical |
| .NET Core & Visual Studio | CVE-2023-36799 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| .NET Framework | CVE-2023-36788 | .NET Framework Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-36772 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-36771 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-36770 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Builder | CVE-2023-36773 | 3D Builder Remote Code Execution Vulnerability | Important |
| 3D Viewer | CVE-2022-41303 | AutoDesk: CVE-2022-41303 use-after-free vulnerability in Autodesk® FBX® SDK 2020 or prior | Important |
| 3D Viewer | CVE-2023-36760 | 3D Viewer Remote Code Execution Vulnerability | Important |
| 3D Viewer | CVE-2023-36740 | 3D Viewer Remote Code Execution Vulnerability | Important |
| 3D Viewer | CVE-2023-36739 | 3D Viewer Remote Code Execution Vulnerability | Important |
| Azure DevOps | CVE-2023-33136 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
| Azure DevOps | CVE-2023-38155 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
| Azure HDInsights | CVE-2023-38156 | Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability | Important |
| Microsoft Azure Kubernetes Service | CVE-2023-29332 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Critical |
| Microsoft Dynamics | CVE-2023-38164 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36886 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics Finance & Operations | CVE-2023-36800 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-4863 | Chromium: CVE-2023-4863 Heap buffer overflow in WebP | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4763 | Chromium: CVE-2023-4763 Use after free in Networks | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4761 | Chromium: CVE-2023-4761 Out of bounds memory access in FedCM | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4764 | Chromium: CVE-2023-4764 Incorrect security UI in BFCache | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4762 | Chromium: CVE-2023-4762 Type Confusion in V8 | Unknown |
| Microsoft Exchange Server | CVE-2023-36744 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36745 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36777 | Microsoft Exchange Server Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Identity Linux Broker | CVE-2023-36736 | Microsoft Identity Linux Broker Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2023-36767 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office | CVE-2023-36765 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2023-41764 | Microsoft Office Spoofing Vulnerability | Moderate |
| Microsoft Office Excel | CVE-2023-36766 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office Outlook | CVE-2023-36763 | Microsoft Outlook Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-36764 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Important |
| Microsoft Office Word | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability | Important |
| Microsoft Office Word | CVE-2023-36762 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Streaming Service | CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2023-38147 | Windows Miracast Wireless Display Remote Code Execution Vulnerability | Important |
| Visual Studio | CVE-2023-36758 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2023-36759 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio Code | CVE-2023-36742 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2023-39956 | Electron: CVE-2023-39956 -Visual Studio Code Remote Code Execution Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2023-35355 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2023-38143 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2023-38144 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Defender | CVE-2023-38163 | Windows Defender Attack Surface Reduction Security Feature Bypass | Important |
| Windows DHCP Server | CVE-2023-38152 | DHCP Server Service Information Disclosure Vulnerability | Important |
| Windows DHCP Server | CVE-2023-38162 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows DHCP Server | CVE-2023-36801 | DHCP Server Service Information Disclosure Vulnerability | Important |
| Windows GDI | CVE-2023-36804 | Windows GDI Elevation of Privilege Vulnerability | Important |
| Windows GDI | CVE-2023-38161 | Windows GDI Elevation of Privilege Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2023-38148 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | Critical |
| Windows Kernel | CVE-2023-38141 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-38142 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-38139 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-38140 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2023-38150 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-36803 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Scripting | CVE-2023-36805 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important |
| Windows TCP/IP | CVE-2023-38160 | Windows TCP/IP Information Disclosure Vulnerability | Important |
| Windows TCP/IP | CVE-2023-38149 | Windows TCP/IP Denial of Service Vulnerability | Important |
| Windows Themes | CVE-2023-38146 | Windows Themes Remote Code Execution Vulnerability | Important |
Source: www.bleepingcomputer.com