Microsoft's September Patch Report Identified 2 Major Cyber Security Flaws

Cyber Security
Written By Sidney Kirkman
Key insights from Microsoft's September 2023 Patch Report: Protect your systems with the latest cybersecurity updates. Image: Computer screen displaying essential graphs and data.

Today Microsoft has released their Tuesday monthly patch containing fixes for 59 flaws, and two actively exploited vulnerabilities.

  • 3 Security Feature Bypass Vulnerabilities

  • 24 Remote Code Execution Vulnerabilities

  • 9 Information Disclosure Vulnerabilities

  • 3 Denial of Service Vulnerabilities

  • 5 Spoofing Vulnerabilities

  • 5 Edge - Chromium Vulnerabilities

The total count of 59 flaws does not include five Microsoft Edge (Chromium) vulnerabilities, two non-Microsoft flaws in Electron and Autodesk.

Two actively exploited zero-day vulnerabilities

CVE-2023-36802 - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges. The flaw was discovered by Quan Jin(@jq0904) & ze0r with DBAPPSecurity WeBin Lab, Valentina Palmiotti with IBM X-Force, Microsoft Threat Intelligence, and Microsoft Security Response Center.

CVE-2023-36761 - Microsoft Word Information Disclosure Vulnerability. Microsoft has fixed an actively exploited vulnerability that can be used to steal NTLM hashes when opening a document, including in the preview pane. These NTLM hashes can be cracked or used in NTLM Relay attacks to gain access to the account. This flaw was discovered internally by the Microsoft Threat Intelligence group.



Internet Connection Sharing (ICS) RCE Vulnerability

One of the most critical vulnerabilities patched this month includes ‘Internet Connection Sharing (ICS)’. If enabled, attackers could end up executing code remotely to a victim’s device. While CVE-2023-38148 does have a CVSS base score of 8.8 and is more likely to be exploited according to Microsoft.

Visual Studio RCE Vulnerabilities

The majority of critically rated vulnerabilities this month are in Visual Studio. CVE-2023-36792, CVE-2023-36793, and CVE-2023-36796 are all rated as critical. In the case of these three vulnerabilities, the "remote" part only refers to the location of the attacker, the actual exploitation of the vulnerability must be done locally. CVE-2023-36794 is the last of the vulnerabilities fixed for Visual Studio this month but has the exact same description, however less severely rated than the other three mentioned.



Full List of September Patch Below:

  1. CVE-2023-36794 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Important

  2. CVE-2023-36796 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical

  3. CVE-2023-36792 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical

  4. CVE-2023-36793 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Remote Code Execution | Critical

  5. CVE-2023-36799 - With a CVSS score of 6.5 | Vulnerability: NET Core and Visual Studio Denial of Service | Important

  6. CVE-2023-36788 - With a CVSS score of 7.8 | Vulnerability: NET Framework Remote Code Execution | Important

  7. CVE-2023-36772 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important

  8. CVE-2023-36771 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important

  9. CVE-2023-36770 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important

  10. CVE-2023-36773 - With a CVSS score of 7.8 | Vulnerability: 3D Builder Remote Code Execution | Important

  11. CVE-2022-41303 - No CVSS score | Vulnerability: AutoDesk: CVE-2022-41303 use-after-free in Autodesk® FBX® SDK 2020 or prior | Important

  12. CVE-2023-36760 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important

  13. CVE-2023-36740 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important

  14. CVE-2023-36739 - With a CVSS score of 7.8 | Vulnerability: 3D Viewer Remote Code Execution | Important

  15. CVE-2023-33136 - With a CVSS score of 8.8 | Vulnerability: Azure DevOps Server Remote Code Execution | Important

  16. CVE-2023-38155 - With a CVSS score of 7.0 | Vulnerability: Azure DevOps Server Remote Code Execution | Important

  17. CVE-2023-38156 - With a CVSS score of 7.2 | Vulnerability: Azure HDInsight Apache Ambari Elevation of Privilege | Important

  18. CVE-2023-29332 - With a CVSS score of 7.5 | Vulnerability: Microsoft Azure Kubernetes Service Elevation of Privilege | Critical

  19. CVE-2023-38164 - With a CVSS score of 7.6 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important

  20. CVE-2023-36886 - With a CVSS score of 7.6 | Vulnerability: Microsoft Dynamics 365 (on-premises) Cross-site Scripting | Important

  21. CVE-2023-36800 - With a CVSS score of 7.6 | Vulnerability: Dynamics Finance and Operations Cross-site Scripting | Important

  22. CVE-2023-4863 - No CVSS score | Vulnerability: Chromium: CVE-2023-4863 Heap buffer overflow in WebP | Unknown

  23. CVE-2023-4763 - No CVSS score | Vulnerability: Chromium: CVE-2023-4763 Use after free in Networks | Unknown

  24. CVE-2023-4761 - No CVSS score | Vulnerability: Chromium: CVE-2023-4761 Out of bounds memory access in FedCM | Unknown

  25. CVE-2023-4764 - No CVSS score | Vulnerability: Chromium: CVE-2023-4764 Incorrect security UI in BFCache | Unknown

  26. CVE-2023-4762 - No CVSS score | Vulnerability: Chromium: CVE-2023-4762 Type Confusion in V8 | Unknown

  27. CVE-2023-36744 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important

  28. CVE-2023-36756 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important

  29. CVE-2023-36745 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Remote Code Execution | Important

  30. CVE-2023-36777 - With a CVSS score of 5.7 | Vulnerability: Microsoft Exchange Server Information Disclosure | Important

  31. CVE-2023-36757 - With a CVSS score of 8.0 | Vulnerability: Microsoft Exchange Server Spoofing | Important

  32. CVE-2023-36736 - With a CVSS score of 4.4 | Vulnerability: Microsoft Identity Linux Broker Remote Code Execution | Important

  33. CVE-2023-36767 - With a CVSS score of 4.3 | Vulnerability: Microsoft Office Security Feature Bypass | Important

  34. CVE-2023-36765 - With a CVSS score of 7.8 | Vulnerability: Microsoft Office Elevation of Privilege | Important

  35. CVE-2023-41764 - With a CVSS score of 5.5 | Vulnerability: Microsoft Office Spoofing | Moderate

  36. CVE-2023-36766 - With a CVSS score of 7.8 | Vulnerability: Microsoft Excel Information Disclosure | Important

  37. CVE-2023-36763 - With a CVSS score of 7.5 | Vulnerability: Microsoft Outlook Information Disclosure | Important

  38. CVE-2023-36764 - With a CVSS score of 8.8 | Vulnerability: Microsoft SharePoint Server Elevation of Privilege | Important

  39. CVE-2023-36761 - With a CVSS score of 6.2 | Vulnerability: Microsoft Word Information Disclosure | Important

  40. CVE-2023-36762 - With a CVSS score of 7.3 | Vulnerability: Microsoft Word Remote Code Execution | Important

  41. CVE-2023-36802 - With a CVSS score of 7.8 | Vulnerability: Microsoft Streaming Service Proxy Elevation of Privilege | Important

  42. CVE-2023-38147 - With a CVSS score of 8.8 | Vulnerability: Windows Miracast Wireless Display Remote Code Execution | Important

  43. CVE-2023-36758 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Elevation of Privilege | Important

  44. CVE-2023-36759 - With a CVSS score of 6.7 | Vulnerability: Visual Studio Elevation of Privilege | Important

  45. CVE-2023-36742 - With a CVSS score of 7.8 | Vulnerability: Visual Studio Code Remote Code Execution | Important

  46. CVE-2023-39956 - No CVSS score | Vulnerability: Electron - CVE-2023-39956 - Visual Studio Code Remote Code Execution | Important

  47. CVE-2023-35355 - With a CVSS score of 7.8 | Vulnerability: Windows Cloud Files Mini Filter Driver Elevation of Privilege | Important

  48. CVE-2023-38143 - With a CVSS score of 7.8 | Vulnerability: Windows Common Log File System Driver Elevation of Privilege | Important

  49. CVE-2023-38144 - With a CVSS score of 7.8 | Vulnerability: Windows Common Log File System Driver Elevation of Privilege | Important

  50. CVE-2023-38163 - With a CVSS score of 7.8 | Vulnerability: Windows Defender Attack Surface Reduction Security Feature Bypass | Important

  51. CVE-2023-38152 - With a CVSS score of 5.3 | Vulnerability: DHCP Server Service Information Disclosure | Important

  52. CVE-2023-38162 - With a CVSS score of 7.5 | Vulnerability: DHCP Server Service Denial of Service | Important

  53. CVE-2023-36801 - With a CVSS score of 5.3 | Vulnerability: DHCP Server Service Information Disclosure | Important

  54. CVE-2023-36804 - With a CVSS score of 7.8 | Vulnerability: Windows GDI Elevation of Privilege | Important

  55. CVE-2023-38161 - With a CVSS score of 7.8 | Vulnerability: Windows GDI Elevation of Privilege | Important

  56. CVE-2023-38148 - With a CVSS score of 8.8 | Vulnerability: Internet Connection Sharing (ICS) Remote Code Execution | Critical

  57. CVE-2023-38141 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  58. CVE-2023-38142 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  59. CVE-2023-38139 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  60. CVE-2023-38140 - With a CVSS score of 5.5 | Vulnerability: Windows Kernel Information Disclosure | Important

  61. CVE-2023-38150 - With a CVSS score of 7.8 | Vulnerability: Windows Kernel Elevation of Privilege | Important

  62. CVE-2023-36803 - With a CVSS score of 5.5 | Vulnerability: Windows Kernel Information Disclosure | Important

  63. CVE-2023-36805 - With a CVSS score of 7.0 | Vulnerability: Windows MSHTML Platform Security Feature Bypass | Important

  64. CVE-2023-38160 - With a CVSS score of 5.5 | Vulnerability: Windows TCP/IP Information Disclosure | Important

  65. CVE-2023-38149 - With a CVSS score of 7.5 | Vulnerability: Windows TCP/IP Denial of Service | Important

  66. CVE-2023-38146 - With a CVSS score of 8.8 | Vulnerability: Windows Themes Remote Code Execution | Important

The Computer Department

Speak to us about all your computer needs

This is Part of our Cyber Security awareness educational campaign. Through this training, you will learn awareness and key principles, and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.

 
Sidney Kirkman
Previous

Russian Hackers Strike Australian Companies in 'BlackCat' Cyber Attacks
Next

Guard Your Cyber Safety: The Hidden Risks of Outdated Software