Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws

Today is Microsoft’s August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities.

While twenty-three RCE bugs were fixed, Microsoft only rated six as ‘Critical.’

The number of bugs in each vulnerability category is listed below:

  • 18 Elevation of Privilege vulnerabilities
  • 3 Security Feature Bypass vulnerabilities
  • 23 Remote Code Execution vulnerabilities
  • 10 Information Disclosure vulnerabilities
  • 8 Denial of Service vulnerabilities
  • 12 Spoofing vulnerabilities

These counts do not include twelve Microsoft Edge (Chromium) vulnerabilities fixed earlier this month.

Two actively exploited vulnerabilities

This month’s Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The two actively exploited zero-day vulnerabilities in today’s updates are:

ADV230003 – Microsoft Office Defense in Depth Update (publicly disclosed)

Microsoft has released an Office Defense in Depth update to fix a patch bypass of the previously mitigated and actively exploited CVE-2023-36884 remote code execution flaw.

The CVE-2023-36884 flaw allowed threat actors to create specially crafted Microsoft Office documents that could bypass the Mark of the Web (MoTW) security feature, causing files to be opened without displaying a security warning and allowing remote code execution.

The vulnerability was actively exploited by the RomCom hacking group, which was previously known to deploy the Industrial Spy ransomware in attacks. The ransomware operation has since rebranded as ‘Underground,’ under which they continue to extort victims.

The flaw was discovered by Paul Rascagneres and Tom Lancaster with Volexity.

CVE-2023-38180 – .NET and Visual Studio Denial of Service Vulnerability

Microsoft has fixed an actively exploited vulnerability that can cause a DoS attack on .NET applications and Visual Studio.

Unfortunately, Microsoft did not share any additional details on how this flaw was used in attacks and did not disclose who discovered the vulnerability.

Recent updates from other companies

Other vendors who released updates or advisories in August 2023 include:

In a joint report with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities shared a list of the 12 most exploited vulnerabilities throughout 2022.

The August 2023 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the August 2023 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Core | CVE-2023-38178 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| .NET Core | CVE-2023-35390 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| .NET Framework | CVE-2023-36873 | .NET Framework Spoofing Vulnerability | Important |
| ASP .NET | CVE-2023-38180 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| ASP.NET | CVE-2023-36899 | ASP.NET Elevation of Privilege Vulnerability | Important |
| ASP.NET and Visual Studio | CVE-2023-35391 | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | Important |
| Azure Arc | CVE-2023-38176 | Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | Important |
| Azure DevOps | CVE-2023-36869 | Azure DevOps Server Spoofing Vulnerability | Important |
| Azure HDInsights | CVE-2023-38188 | Azure Apache Hadoop Spoofing Vulnerability | Important |
| Azure HDInsights | CVE-2023-35393 | Azure Apache Hive Spoofing Vulnerability | Important |
| Azure HDInsights | CVE-2023-35394 | Azure HDInsight Jupyter Notebook Spoofing Vulnerability | Important |
| Azure HDInsights | CVE-2023-36881 | Azure Apache Ambari Spoofing Vulnerability | Important |
| Azure HDInsights | CVE-2023-36877 | Azure Apache Oozie Spoofing Vulnerability | Important |
| Dynamics Business Central Control | CVE-2023-38167 | Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability | Important |
| Mariner | CVE-2023-35945 | Unknown | Unknown |
| Memory Integrity System Readiness Scan Tool | ADV230004 | Memory Integrity System Readiness Scan Tool Defense in Depth Update | Moderate |
| Microsoft Dynamics | CVE-2023-35389 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-38157 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-4068 | Chromium: CVE-2023-4068 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4072 | Chromium: CVE-2023-4072 Out of bounds read and write in WebGL | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4071 | Chromium: CVE-2023-4071 Heap buffer overflow in Visuals | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4073 | Chromium: CVE-2023-4073 Out of bounds memory access in ANGLE | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4075 | Chromium: CVE-2023-4075 Use after free in Cast | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4074 | Chromium: CVE-2023-4074 Use after free in Blink Task Scheduling | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4076 | Chromium: CVE-2023-4076 Use after free in WebRTC | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4077 | Chromium: CVE-2023-4077 Insufficient data validation in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4078 | Chromium: CVE-2023-4078 Inappropriate implementation in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4070 | Chromium: CVE-2023-4070 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-4069 | Chromium: CVE-2023-4069 Type Confusion in V8 | Unknown |
| Microsoft Exchange Server | CVE-2023-38185 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-35368 | Microsoft Exchange Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Office | ADV230003 | Microsoft Office Defense in Depth Update | Moderate |
| Microsoft Office | CVE-2023-36897 | Visual Studio Tools for Office Runtime Spoofing Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-36896 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-35371 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2023-36893 | Microsoft Outlook Spoofing Vulnerability | Important |
| Microsoft Office Outlook | CVE-2023-36895 | Microsoft Outlook Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2023-36891 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-36894 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-36890 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-36892 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-35372 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-36865 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2023-36866 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Teams | CVE-2023-29328 | Microsoft Teams Remote Code Execution Vulnerability | Critical |
| Microsoft Teams | CVE-2023-29330 | Microsoft Teams Remote Code Execution Vulnerability | Critical |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-36882 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows | CVE-2023-20569 | AMD: CVE-2023-20569 Return Address Predictor | Important |
| Microsoft Windows Codecs Library | CVE-2023-38170 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Reliability Analysis Metrics Calculation Engine | CVE-2023-36876 | Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2023-36908 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| SQL Server | CVE-2023-38169 | Microsoft OLE DB Remote Code Execution Vulnerability | Important |
| Tablet Windows User Interface | CVE-2023-36898 | Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | Important |
| Windows Bluetooth A2DP driver | CVE-2023-35387 | Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2023-36904 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2023-36900 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2023-36907 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| Windows Cryptographic Services | CVE-2023-36906 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| Windows Defender | CVE-2023-38175 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important |
| Windows Fax and Scan Service | CVE-2023-35381 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| Windows Group Policy | CVE-2023-36889 | Windows Group Policy Security Feature Bypass Vulnerability | Important |
| Windows HTML Platform | CVE-2023-35384 | Windows HTML Platforms Security Feature Bypass Vulnerability | Important |
| Windows Kernel | CVE-2023-35359 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-38154 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-35382 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-35386 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-35380 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2023-38184 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Important |
| Windows Message Queuing | CVE-2023-36909 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2023-35376 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2023-38172 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2023-35385 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2023-35383 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Windows Message Queuing | CVE-2023-36913 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Windows Message Queuing | CVE-2023-35377 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2023-38254 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2023-36911 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2023-36910 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical |
| Windows Message Queuing | CVE-2023-36912 | Microsoft Message Queuing Denial of Service Vulnerability | Important |
| Windows Mobile Device Management | CVE-2023-38186 | Windows Mobile Device Management Elevation of Privilege Vulnerability | Important |
| Windows Projected File System | CVE-2023-35378 | Windows Projected File System Elevation of Privilege Vulnerability | Important |
| Windows Reliability Analysis Metrics Calculation Engine | CVE-2023-35379 | Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | Important |
| Windows Smart Card | CVE-2023-36914 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | Important |
| Windows System Assessment Tool | CVE-2023-36903 | Windows System Assessment Tool Elevation of Privilege Vulnerability | Important |
| Windows Wireless Wide Area Network Service | CVE-2023-36905 | Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | Important |

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2023-patch-tuesday-warns-of-2-zero-days-87-flaws/
