VERT Threat Alert: September 2023 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th.
In-The-Wild & Disclosed CVEs
CVE-2023-36761
Microsoft has indicated that a vulnerability impacting Microsoft Word, including the preview pane, has been publicly disclosed and has seen active exploitation. Successful exploitation of the vulnerability could disclose NTLM hashes to the attacker. Microsoft has reported this vulnerability as Exploitation Detected.
CVE-2023-36802
A vulnerability in the Microsoft Streaming Service Proxy, a driver included with Windows 10 and Windows 11, as well as Windows Server, could be exploited to gain SYSTEM level permissions. While Microsoft has reported active exploitation, they have not indicated that this vulnerability has been publicly disclosed. Microsoft has reported this vulnerability as Exploitation Detected.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
Tag |
CVE Count |
CVEs |
.NET Core & Visual Studio |
1 |
CVE-2023-36799 |
Microsoft Office Word |
2 |
CVE-2023-36762, CVE-2023-36761 |
Visual Studio |
2 |
CVE-2023-36759, CVE-2023-36758 |
Windows Common Log File System Driver |
2 |
CVE-2023-38144, CVE-2023-38143 |
Microsoft Streaming Service |
1 |
CVE-2023-36802 |
Microsoft Office SharePoint |
1 |
CVE-2023-36764 |
Microsoft Windows Codecs Library |
1 |
CVE-2023-38147 |
Visual Studio Code |
2 |
CVE-2023-36742, CVE-2023-39956 |
Windows Themes |
1 |
CVE-2023-38146 |
Windows Cloud Files Mini Filter Driver |
1 |
CVE-2023-35355 |
Azure HDInsights |
1 |
CVE-2023-38156 |
3D Builder |
4 |
CVE-2023-36773, CVE-2023-36772, CVE-2023-36771, CVE-2023-36770 |
Microsoft Office Excel |
1 |
CVE-2023-36766 |
3D Viewer |
4 |
CVE-2022-41303, CVE-2023-36760, CVE-2023-36740, CVE-2023-36739 |
Windows GDI |
2 |
CVE-2023-38161, CVE-2023-36804 |
Microsoft Azure Kubernetes Service |
1 |
CVE-2023-29332 |
Windows Kernel |
6 |
CVE-2023-38150, CVE-2023-38142, CVE-2023-38141, CVE-2023-38140, CVE-2023-38139, CVE-2023-36803 |
Microsoft Exchange Server |
5 |
CVE-2023-36757, CVE-2023-36756, CVE-2023-36745, CVE-2023-36744, CVE-2023-36777 |
Microsoft Office |
3 |
CVE-2023-36767, CVE-2023-36765, CVE-2023-41764 |
Windows Defender |
1 |
CVE-2023-38163 |
Windows Internet Connection Sharing (ICS) |
1 |
CVE-2023-38148 |
Windows Scripting |
1 |
CVE-2023-36805 |
.NET Framework |
1 |
CVE-2023-36788 |
Microsoft Identity Linux Broker |
1 |
CVE-2023-36736 |
.NET and Visual Studio |
4 |
CVE-2023-36796, CVE-2023-36794, CVE-2023-36793, CVE-2023-36792 |
Microsoft Office Outlook |
1 |
CVE-2023-36763 |
Windows TCP/IP |
2 |
CVE-2023-38149, CVE-2023-38160 |
Microsoft Dynamics Finance & Operations |
1 |
CVE-2023-36800 |
Windows DHCP Server |
3 |
CVE-2023-38162, CVE-2023-38152, CVE-2023-36801 |
Microsoft Edge (Chromium-based) |
5 |
CVE-2023-4761, CVE-2023-4762, CVE-2023-4763, CVE-2023-4764, CVE-2023-4863 |
Azure DevOps |
2 |
CVE-2023-33136, CVE-2023-38155 |
Microsoft Dynamics |
2 |
CVE-2023-36886, CVE-2023-38164 |
Other Information
At the time of publication, there were no new advisories included with the September Security Guidance.