In its August update, Microsoft has rolled out patches addressing a total of 74 newly identified vulnerabilities.
In the August 2023 Patch Tuesday updates, Microsoft addressed a total of 74 vulnerabilities, marking a decrease from the previous month’s count of 132. Among these, there were six Critical and 67 Important security vulnerabilities. Noteworthy details from the updates include:
- ADV230003 and ADV230004 Defense-in-Depth Updates: Microsoft released two defense-in-depth updates: one for Microsoft Office (ADV230003) and another for the Memory Integrity System Readiness Scan Tool (ADV230004). The latter addressed a publicly known bug related to the absence of a resource information section in the original version of the tool.
- CVE-2023-36884 (ADV230003): This remote code execution vulnerability in Office and Windows HTML has been actively exploited by the RomCom threat actor linked to Russia. The update was emphasized as a preventive measure that halts the attack chain leading to remote code execution.
- Chromium-based Edge and AMD Vulnerabilities: The updates also covered 31 issues in Microsoft’s Chromium-based Edge browser. Additionally, a side-channel flaw affecting certain AMD processor models (CVE-2023-20569, also known as Inception) was addressed.
- Remote Code Execution and Spoofing Flaws: Several remote code execution vulnerabilities were patched in Microsoft Message Queuing (MSMQ) and Microsoft Teams. Moreover, spoofing vulnerabilities were addressed in Azure Apache Ambari, Hadoop, Hive, Oozie, DevOps Server, HDInsight Jupyter, and .NET Framework.
- CVE-2023-35388 and CVE-2023-38182: These are remote code execution vulnerabilities found in Exchange Server. They have been assigned an “Exploitation More Likely” assessment. Exploiting these vulnerabilities requires an adjacent attack vector and valid Exchange credentials.
- CVE-2023-38180: A proof-of-concept (PoC) exploit for a Denial-of-Service vulnerability in .NET and Visual Studio was acknowledged. Microsoft noted that this PoC may require substantial modification by a skilled attacker to be functional in all situations.
- Privilege Escalation Flaws in Windows Kernel: The update included patches for five privilege escalation vulnerabilities in the Windows Kernel. These vulnerabilities could potentially be exploited by a threat actor with local access to gain SYSTEM privileges on the target machine.
These updates collectively enhance the security posture of Microsoft’s software products by addressing various vulnerabilities and potential attack vectors.
References:
For detailed information and specific remediation steps, please refer to Microsoft’s official security advisories and documentation for the August 2023 Patch Tuesday updates.