Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Posted on by Admin
Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Related Post


</p> <p><strong>Microsoft addresses 103 CVEs including two vulnerabilities that were exploited in the wild.</strong></p> <ol class="blog-severity-badges"> <li class="blog-severity-badges critical"><span class="number">12</span>Critical</li> <li class="blog-severity-badges important"><span class="number">91</span>Important</li> <li class="blog-severity-badges moderate"><span class="number">0</span>Moderate</li> <li class="blog-severity-badges low"><span class="number">0</span>Low</li> </ol> <p>Microsoft patched 103 CVEs in its October Patch Tuesday release, with 12 rated as critical and 91 rated as important. We omitted CVE-2023-44487 from our counts as this vulnerability was reported to MITRE and not Microsoft and does not exclusively affect Microsoft products. Details about this flaw are included in our analysis below.</p> </p> <p>This month’s update includes patches for:</p> <ul> <li>Active Directory Domain Services</li> <li>Azure</li> <li>Azure DevOps</li> <li>Azure Real Time Operating System</li> <li>Azure SDK</li> <li>Client Server Run-time Subsystem (CSRSS)</li> <li>Microsoft Common Data Model SDK</li> <li>Microsoft Dynamics</li> <li>Microsoft Exchange Server</li> <li>Microsoft Graphics Component</li> <li>Microsoft Office</li> <li>Microsoft QUIC</li> <li>Microsoft WDAC OLE DB provider for SQL</li> <li>Microsoft Windows Media Foundation</li> <li>Microsoft Windows Search Component</li> <li>Microsoft WordPad</li> <li>SQL Server</li> <li>Skype for Business</li> <li>Windows Active Template Library</li> <li>Windows AllJoyn API</li> <li>Windows Client/Server Runtime Subsystem</li> <li>Windows Common Log File System Driver</li> <li>Windows Container Manager Service</li> <li>Windows DHCP Server</li> <li>Windows Deployment Services</li> <li>Windows Error Reporting</li> <li>Windows HTML Platform</li> <li>Windows IIS</li> <li>Windows IKE Extension</li> <li>Windows Kernel</li> <li>Windows Layer 2 Tunneling Protocol</li> <li>Windows Mark of the Web (MOTW)</li> <li>Windows Message Queuing</li> <li>Windows Microsoft DirectMusic</li> <li>Windows Mixed Reality Developer Tools</li> <li>Windows NT OS Kernel</li> <li>Windows Named Pipe File System</li> <li>Windows Power Management Service</li> <li>Windows RDP</li> <li>Windows Remote Procedure Call</li> <li>Windows Resilient File System (ReFS)</li> <li>Windows Runtime C++ Template Library</li> <li>Windows Setup Files Cleanup</li> <li>Windows TCP/IP</li> <li>Windows TPM</li> <li>Windows Virtual Trusted Platform Module</li> <li>Windows Win32K</li> </ul> <p><img decoding="async" referrerpolicy="no-referrer" src="https://www.tenable.com/sites/default/files/images/blog/2925717e-8cda-4797-aacc-a30e417a43d0.png" title="Chart"/></p> <p>Remote code execution (RCE) vulnerabilities accounted for 43.7% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 25.2%.</p> <div class="blog-severity-alert"> <p><h2>CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36563"><u>CVE-2023-36563</u></a> is an information disclosure vulnerability in Microsoft WordPad that was assigned a CVSSv3 score of 6.5. It was exploited in the wild as a zero-day and was publicly disclosed prior to the October 2023 Patch Tuesday release. An unauthenticated, remote attacker could exploit this vulnerability using social engineering in order to convince a target to open a link or download a malicious file and run it on the vulnerable system. Alternatively, an attacker could execute a specially crafted application to exploit the flaw after gaining access to a vulnerable system. Successful exploitation could lead to the disclosure of New Technology LAN Manager (NTLM) hashes.</p> <p>This is the third zero-day vulnerability patched in 2023 that could result in the unauthorized disclosure of NTLM hashes. In <a href="https://www.tenable.com/blog/microsofts-march-2023-patch-tuesday-addresses-76-cves-cve-2023-23397"><u>March</u></a>, Microsoft patched <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397"><u>CVE-2023-23397</u></a>, a Microsoft Outlook elevation of privilege vulnerability, and in <a href="https://www.tenable.com/blog/microsofts-september-2023-patch-tuesday-addresses-61-cves-cve-2023-36761"><u>September</u></a>, Microsoft patched <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36761"><u>CVE-2023-36761</u></a>, an information disclosure vulnerability in Microsoft Word. It is unclear if all three of these vulnerabilities were exploited by the same attackers.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-41763"><u>CVE-2023-41763</u></a> is an EoP vulnerability in Skype for Business that was assigned a CVSSv3 score of 5.3 and rated important. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted network call to a vulnerable Skype for Business server. Successful exploitation would result in the disclosure of sensitive information, which could be used to gain access to internal networks.</p> <p>This vulnerability was exploited in the wild according to Microsoft, though no details have been shared at the time this blog post was published. However, this vulnerability is noted to have been publicly disclosed previously. Researcher Florian Hauser of Code White GmbH published a two-part blog series in September 2022 investigating Skype for Business 2019. In <a href="https://frycos.github.io/vulns4free/2022/09/26/skype-audit-part2.html"><u>his second blog post</u></a>, Hauser revealed a server-side request forgery vulnerability (SSRF) that he called SKYPErimeterleak. In it, he notes that Microsoft rejected his submission for the flaw. However, it would appear that Microsoft has since opted to accept his submission, assigning this CVE and providing patches for this vulnerability.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35349"><u>CVE-2023-35349</u></a> is a RCE vulnerability in the Microsoft <a href="https://learn.microsoft.com/en-us/previous-versions/windows/desktop/msmq/ms711472(v=vs.85)"><u>Message Queuing (MSMQ)</u></a> component of Windows operating systems that was assigned a CVSSv3 score of 9.8 and rated critical. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted packet to a vulnerable target.</p> <p>In addition to CVE-2023-35349, Microsoft has patched 15 additional RCE vulnerabilities in MSMQ:</p> <div class="table-responsive"> <table class="table"> <thead> <tr> <th><strong>CVE</strong></th> <th><strong>Title</strong></th> <th><strong>CVSSv3 Score</strong></th> <th><strong>Exploitability</strong></th> </tr> </thead> <tbody> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36593"><u>CVE-2023-36593</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.8</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36570"><u>CVE-2023-36570</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36571"><u>CVE-2023-36571</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36582"><u>CVE-2023-36582</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36573"><u>CVE-2023-36573</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36572"><u>CVE-2023-36572</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36591"><u>CVE-2023-36591</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36590"><u>CVE-2023-36590</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36589"><u>CVE-2023-36589</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36592"><u>CVE-2023-36592</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36583"><u>CVE-2023-36583</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36578"><u>CVE-2023-36578</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36574"><u>CVE-2023-36574</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36575"><u>CVE-2023-36575</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>7.3</td> <td>Exploitation Less Likely</td> </tr> <tr> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36697"><u>CVE-2023-36697</u></a></td> <td>Microsoft Message Queuing Remote Code Execution Vulnerability</td> <td>6.8</td> <td>Exploitation Less Likely</td> </tr> </tbody> </table> </div> <p>While CVE-2023-36697 was also rated critical, successful exploitation requires either user interaction or for the attacker to be authenticated as a domain user and to have compromised a MSMQ server within the target network.</p> <p>CVE-2023-35349 and CVE-2023-36697 are two of several critical RCE vulnerabilities in MSMQ that have been patched this year. <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-35385"><u>CVE-2023-35385</u></a>, <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36910"><u>CVE-2023-36910</u></a> and <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36911"><u>CVE-2023-36911</u></a> were patched in <a href="https://www.tenable.com/blog/microsofts-august-2023-patch-tuesday-addresses-73-cves-cve-2023-38180"><u>August</u></a>, <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32057"><u>CVE-2023-32057</u></a> in <a href="https://www.tenable.com/blog/microsofts-july-2023-patch-tuesday-addresses-130-cves-cve-2023-36884"><u>July</u></a> and <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21554"><u>CVE-2023-21554</u></a> in <a href="https://www.tenable.com/blog/microsofts-april-2023-patch-tuesday-addresses-97-cves-cve-2023-28252"><u>April</u></a>. Although all of these vulnerabilities were rated “Exploitation Less Likely” using the <a href="https://www.microsoft.com/en-us/msrc/exploitability-index"><u>Microsoft Exploitability Index</u></a>, customers are encouraged to apply these patches as soon as possible.</p> <p>In order for a system to be vulnerable to these vulnerabilities, the MSMQ service must be added and enabled. According to Microsoft, if the service is enabled on a Windows installation, a service named “Message Queueing” will be running on TCP port 1801. Tenable customers can use <a href="https://www.tenable.com/plugins/nessus/174933"><u>Plugin 174933</u></a> to identify systems that have this service running.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-36434 | Windows IIS Server Elevation of Privilege Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36434"><u>CVE-2023-36434</u></a> is an EoP vulnerability in Windows IIS server that was assigned a CVSSv3 score of 9.8 and rated as important. According to Microsoft, exploitation of this vulnerability is achieved by an attacker brute forcing a user’s login credentials. Because the chances of success can vary greatly and are less likely when strong passwords are in place, Microsoft’s severity rating is important, despite the critical CVSS score.</p> <p><a href="https://www.tenable.com/blog/password-management-and-authentication-best-practices"><u>Weak passwords</u></a> and password policies can open the door for malicious actors and remain a major risk for organizations. To combat this, we recommend reviewing the suggestions from this <a href="https://www.cisa.gov/news-events/news/choosing-and-protecting-passwords"><u>Cybersecurty and Infrastructure Security Agency (CISA) blog post</u></a> and the Tenable whitepaper, <a href="https://www.tenable.com/whitepapers/password-authentication-and-web-best-practices"><u>Password, Authentication and Web Best Practices</u></a>.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-36569 | Microsoft Office Elevation of Privilege Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36569"><u>CVE-2023-36569</u></a> is an EoP vulnerability in Microsoft Office assigned a CVSSv3 score of 8.4 and is rated as important. Successful exploitation of this vulnerability would provide an attacker with SYSTEM level privileges. Microsoft notes that this vulnerability is less likely to be exploited and that the preview pane is not an attack vector for exploiting this vulnerability.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36778"><u>CVE-2023-36778</u></a> is a RCE vulnerability in Microsoft Exchange Server that was assigned a CVSSv3 score of 8 and is rated as important. A local, authenticated attacker could exploit this vulnerability through a remote PowerShell session with the target server. The vulnerability is caused by improper validation of cmdlet arguments within Microsoft Exchange Server. CVE-2023-36778 was rated “Exploitation More Likely” using the Microsoft Exploitability Index.</p> </div> </div> <div class="blog-severity-alert"> <p><h2>CVE-2023-44487 | HTTP/2 Rapid Reset Attack</h2> </p> <div class="col-sm-12"> <p><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-44487"><u>CVE-2023-44487</u></a> is a denial of service (DoS) vulnerability affecting HTTP/2 web servers that was exploited in the wild. While this vulnerability was not exclusive to affecting Microsoft servers, patches were made available to address this vulnerability in multiple versions of Windows, including Server Core installations.</p> <p>This vulnerability was exploited against multiple targets in a distributed denial of service (DDoS) attack and was first observed by <a href="https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"><u>Cloudflare</u></a> on August 25 and <a href="https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"><u>Edgio</u></a> on August 28th. Cloudflare worked with both <a href="https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"><u>Google</u></a> and <a href="https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"><u>Amazon AWS</u></a> who have acknowledged that additional mitigations are in place to address this vulnerability. As noted in Cloudflare’s technical blog post, the underlying vulnerability is in HTTP/2 and other vendors utilizing HTTP/2 may be affected by the vulnerability. We anticipate additional patches or mitigation guidance will be released by vendors that implement HTTP/2.</p> </div> </div> <h2>Windows Server 2012 and 2012 R2 End of Life</h2> <p>Microsoft <a href="https://learn.microsoft.com/en-us/lifecycle/announcements/windows-server-2012-r2-end-of-support"><u>announced</u></a> that <a href="https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2012"><u>Windows Server 2012</u></a> and <a href="https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2"><u>Windows Server 2012 R2</u></a> has reached its end of life as of October 10, 2023. This means that users of these versions of Windows Server will no longer receive security updates and should upgrade to a supported version as soon as possible.</p> <h2>Tenable Solutions</h2> <p>A list of all the plugins released for Tenable’s October 2023 Patch Tuesday update can be found <a href="https://www.tenable.com/plugins/search?q=%22October+2023%22+AND+script_family%3A%28%22Windows+%3A+Microsoft+Bulletins%22+OR+%22Windows%22%29&sort=&page=1"><u>here</u></a>. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.</p> <p>A list of Tenable plugins to identify <a href="https://www.tenable.com/cve/CVE-2023-44487/"><u>CVE-2023-44487</u></a> can be found in the <a href="https://www.tenable.com/cve/CVE-2023-44487/plugins"><u>plugins section</u></a> of the individual CVE page as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our <a href="https://www.tenable.com/plugins/pipeline"><u>Plugins Pipeline</u></a>.</p> <p>For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on <a href="https://www.tenable.com/blog/how-to-perform-efficient-vulnerability-assessments-with-tenable"><u>How to Perform Efficient Vulnerability Assessments with Tenable</u></a>.</p> <h2>Get more information</h2> <p><b><i>Join <a href="https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts"><u>Tenable’s Security Response Team</u></a> on the Tenable Community</i></b></p> <p><b><i>Learn more about <a href="https://www.tenable.com/products/tenable-one"><u>Tenable One</u></a>, the Exposure Management Platform for the modern attack surface.</i></b></p> </div> <p><br /> <br /><a href="https://www.tenable.com/blog/microsofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763">Source link </a></p> </div><!-- .entry-content --> <footer class="entry-footer"> <span class="cat-links"> Posted in <a href="https://unifiedguru.com/category/rss_virtulization/" rel="category tag">RSS_Virtulization</a> </span> </footer><!-- .entry-footer --> </article><!-- #post-## --> <nav class="navigation post-navigation" aria-label="Posts"> <h2 class="screen-reader-text">Post navigation</h2> <div class="nav-links"><div class="nav-previous"><a href="https://unifiedguru.com/why-are-openai-microsoft-and-others-looking-to-make-their-own-chips/" rel="prev">Why are OpenAI, Microsoft and others looking to make their own chips?</a></div><div class="nav-next"><a href="https://unifiedguru.com/oracle-clouds-strong-presence-at-vmware-explore-barcelona-2023/" rel="next">Oracle Cloud’s Strong Presence at VMware Explore Barcelona 2023</a></div></div> </nav> </main><!-- #main --> </div><!-- #primary --> <div id="secondary-right" class="widget-area secondary-sidebar f-right clearfix" role="complementary"> <div id="sidebar-section-top" class="widget-area sidebar clearfix"> <aside id="newsletterwidget-10" class="widget widget_newsletterwidget"><h3 class="widget-title"><span>Subscribe For Updates</span></h3><div class="tnp tnp-subscription tnp-widget"> <form method="post" action="https://unifiedguru.com/?na=s"> <input type="hidden" name="nr" value="widget"> <input type="hidden" name="nlang" value=""> <div class="tnp-field tnp-field-firstname"><label for="tnp-1">Name</label> <input class="tnp-name" type="text" name="nn" id="tnp-1" value="" placeholder=""></div> <div class="tnp-field tnp-field-email"><label for="tnp-2">Email</label> <input class="tnp-email" type="email" name="ne" id="tnp-2" value="" placeholder="" required></div> <div class="tnp-field tnp-privacy-field"><label><input type="checkbox" name="ny" required class="tnp-privacy"> Subscribing I accept the privacy rules of this site</label></div><div class="tnp-field tnp-field-button" style="text-align: left"><input class="tnp-submit" type="submit" value="Subscribe Now For Updates" style=""> </div> </form> </div> </aside> </div> <div id="sidebar-section-cat-one" class="widget-area sidebar clearfix"> <div class="widget"> <h2 class="block-title"><span class="bordertitle-red"></span>VMWARE</h2> <div class="featured-post-sidebar"> <figure class="post-thumb clearfix"> <a href="https://unifiedguru.com/helping-public-sector-organisations-define-cloud-strategy/" title="Helping Public Sector Organisations Define Cloud Strategy" ><img post-id="1207" fifu-featured="1" src="https://simoncranney.files.wordpress.com/2019/10/cropped-network.jpeg?w=200" alt="Helping Public Sector Organisations Define Cloud Strategy" title="Helping Public Sector Organisations Define Cloud Strategy" /></a> </figure> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>October 29, 2020</div> <h3><a href="https://unifiedguru.com/helping-public-sector-organisations-define-cloud-strategy/" title="Helping Public Sector Organisations Define Cloud Strategy" >Helping Public Sector Organisations Define Cloud Strategy</a></h3> <p class="side-excerpt">Introduction Cloud computing services have grown exponentially in</p> </div> </div> <div class="featured-post-sidebar"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>May 18, 2016</div> <h3><a href="https://unifiedguru.com/how-to-change-the-vlan-id-of-the-service-console-in-esx-from-the-command-lineconsole/" title="How to change the VLAN ID of the Service Console in ESX from the command line/console" >How to change the VLAN ID of the Service Console in ESX from the command line/console</a></h3> </div> </div> <div class="featured-post-sidebar"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>June 09, 2015</div> <h3><a href="https://unifiedguru.com/cisco-ucs-and-vmware-interfaces-vnics-ha-design-considerations/" title="Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations" >Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations</a></h3> </div> </div> <div class="featured-post-sidebar"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>June 07, 2015</div> <h3><a href="https://unifiedguru.com/troubleshooting-network-and-tcpudp-port-connectivity-issues-on-esxesxi2020669/" title="Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)" >Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)</a></h3> </div> </div> <div class="featured-post-sidebar"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>May 12, 2015</div> <h3><a href="https://unifiedguru.com/vsphere-client-parameters/" title="vSphere Client Parameters" >vSphere Client Parameters</a></h3> </div> </div> <div class="view-all-link"><a href="https://unifiedguru.com/category/vmware/" title="View All">View All</a></div> </div> </div> <div id="sidebar-section-cat-two" class="widget-area sidebar clearfix"> <div class="widget"> <h2 class="block-title"><span class="bordertitle-red"></span>Configuration Templates</h2> <div class="featured-post-sidebar clearfix"> <figure class="post-thumb clearfix"> </figure> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>February 16, 2015</div> <h3><a href="https://unifiedguru.com/cue-licenses/" title="CUE Licenses" >CUE Licenses</a></h3> <p class="side-excerpt">Note: Useful LINK COPIED FROM OTHER SOURCE FOR REFERENCE INTRODUCTION</p> </div> </div> <div class="featured-post-sidebar clearfix"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>February 02, 2015</div> <h3><a href="https://unifiedguru.com/trouble-shooting-unity-express-with-call-manager-integeration-operational-issues/" title="Trouble shooting Unity Express with Call Manager Integeration & Operational Issues" >Trouble shooting Unity Express with Call Manager Integeration & Operational Issues</a></h3> </div> </div> <div class="featured-post-sidebar clearfix"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>November 08, 2014</div> <h3><a href="https://unifiedguru.com/%ef%bb%bfcme-configuration-example-sip-trunks-to-viatalk-and-voip-ms/" title="CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms" >CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms</a></h3> </div> </div> <div class="featured-post-sidebar clearfix"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>November 08, 2014</div> <h3><a href="https://unifiedguru.com/sip-phone-registration-cme-configuration/" title="SIP Phone registration – CME Configuration" >SIP Phone registration – CME Configuration</a></h3> </div> </div> <div class="featured-post-sidebar clearfix"> <div class="post-desc"> <div class="post-date"><i class="fa fa-calendar"></i>November 08, 2014</div> <h3><a href="https://unifiedguru.com/cue-voicemail-vpim-networking-cue-to-unity/" title="CUE Voicemail + VPIM networking (CUE to unity)" >CUE Voicemail + VPIM networking (CUE to unity)</a></h3> </div> </div> <div class="view-all-link"><a href="https://unifiedguru.com/category/configuration-templates/" title="View All">View All</a></div> </div> </div> </div> </div><!-- #content --> </div><!-- content-wrapper--> <footer id="colophon" class="site-footer clearrfix" role="contentinfo"> <div class="wrapper footer-wrapper clearfix"> <div class="top-bottom clearfix"> <div id="footer-top"> </div><!-- #foter-top --> <div id="footer-bottom"> </div><!-- #foter-bottom --> </div><!-- top-bottom--> <div class="footer-copyright border t-center"> <p> Copyright 2016. All rights reserved </p> <div class="site-info"> <a href="https://wordpress.org/">Proudly powered by WordPress</a> <span class="sep"> | </span> Profitmag by <a href="http://rigorousthemes.com/" rel="designer">Rigorous Themes</a> </div><!-- .site-info --> </div> </div><!-- footer-wrapper--> </footer><!-- #colophon --> </div><!-- #page --> <div class="a2a_kit a2a_kit_size_32 a2a_floating_style a2a_default_style" style="bottom:0px;left:0px;background-color:#23d5db"><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_pinterest" href="https://www.addtoany.com/add_to/pinterest?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="Pinterest" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_whatsapp" href="https://www.addtoany.com/add_to/whatsapp?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="WhatsApp" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_print" href="https://www.addtoany.com/add_to/print?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="Print" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_google_gmail" href="https://www.addtoany.com/add_to/google_gmail?linkurl=https%3A%2F%2Funifiedguru.com%2Fmicrosofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763%2F&linkname=Microsoft%E2%80%99s%20October%202023%20Patch%20Tuesday%20Addresses%20103%20CVEs%20%28CVE-2023-36563%2C%20CVE-2023-41763%29" title="Gmail" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div><div class="mb_supershare_holder"> <div id="openModal" class="mb_supershare_modalDialog"> <div style="background:url(https://unifiedguru.com/wp-content/plugins/super-share/img/struckaxiom.png) repeat;"> <div class="mb_supershare_ribbon"><div class="mb_supershare_ribbon-stitches-top"></div><strong class="mb_supershare_ribbon-content"><span style="font-size: 24px; line-height: 2;"> Love This Article? Spread It. </span></strong><div class="mb_supershare_ribbon-stitches-bottom"></div></div> <div class="mb_supershare_close">X</div> <!-- facebook need this script --> <div id="fb-root"></div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/all.js#xfbml=1"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> <div class="social_icons_style" style="width:320px; margin-left:25px; margin-top:20px; margin 0 auto; overflow:visible"> <ul> <li style="overflow:hidden; width: 49px;"> <!-- facebook like button --> <div class="fb-like" data-href="https://unifiedguru.com:443/microsofts-october-2023-patch-tuesday-addresses-103-cves-cve-2023-36563-cve-2023-41763/" data-width="450" data-height="The pixel height of the plugin" data-colorscheme="light" data-layout="box_count" data-action="like" data-show-faces="false" data-send="false"></div> </li> <li> <!-- G+ button --> <!-- Place this tag where you want the +1 button to render. --> <div class="g-plusone" data-size="tall" data-href=""></div> <!-- Place this tag after the last +1 button tag. --> <script type="text/javascript"> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> </li> <li> <!-- Twitter button --> <a href="https://twitter.com/share" class="twitter-share-button" data-url="" data-via="" data-lang="en" data-related="anywhereTheJavascriptAPI" data-count="vertical">Tweet</a> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="https://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> </li> <li> <!-- Linkedin button --> <script src="//platform.linkedin.com/in.js" type="text/javascript"></script> <script type="IN/Share" data-url="" data-counter="top"></script> </li> <li> <!-- StumbleUpon button --> <!-- Place this tag where you want the su badge to render --> <su:badge layout="5" location=""> </su:badge> <!-- Place this snippet wherever appropriate --> <script type="text/javascript"> (function() { var li = document.createElement('script'); li.type = 'text/javascript'; li.async = true; li.src = ('https:' == document.location.protocol ? 'https:' : 'http:') + '//platform.stumbleupon.com/1/widgets.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(li, s); })(); </script> </li> </ul> </div> </div> <!--DIV--> </div> <!--modalDialog--> </div> <!--mb_supershare_holder--> <script> jQuery(document).ready(function($) { $is_closed="no"; jQuery(document).scroll(function() { if(jQuery('article').length){ //For typical wordpress templates $afterpost = jQuery("article").position().top + jQuery("article").height()-(jQuery("article").height()/3); } else { //For Thesis framework $afterpost = jQuery(".content").position().top + jQuery(".post_box").height()-(jQuery(".post_box").height()/3); } if(jQuery(window).scrollTop() >= $afterpost && $is_closed=="no"){ jQuery(".mb_supershare_modalDialog").css({"display":"block"}); jQuery(".mb_supershare_modalDialog").animate({opacity:"1"},1000); } else{ jQuery(".mb_supershare_modalDialog").css({"display":"none"}); } }); jQuery(".mb_supershare_close").bind("click", function() { jQuery(".mb_supershare_modalDialog").fadeOut("slow"); $is_closed="yes"; setTimeout(function() { jQuery(".mb_supershare_modalDialog").css({"display":"none"}); }, 2000); }); }); </script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6" id="swv-js"></script> <script type="text/javascript" id="contact-form-7-js-extra"> /* <![CDATA[ */ var wpcf7 = {"api":{"root":"https:\/\/unifiedguru.com\/wp-json\/","namespace":"contact-form-7\/v1"}}; /* ]]> */ </script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6" id="contact-form-7-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/jquery.bxslider.js?ver=6.5.5" id="bxslider-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/jquery.ticker.js?ver=6.5.5" id="ticker-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/jquery.mCustomScrollbar.min.js?ver=1.0.0" id="mCustomScrollbar-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/jquery.mousewheel.min.js?ver=2.0.19" id="mousewheel-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/navigation.js?ver=20120206" id="profitmag-navigation-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/keyboard-navigation.js?ver=20120206" id="profitmag-keyboard-navigation-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/themes/profitmag/js/custom.js?ver=1.0" id="profitmag-custom-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/slidedeck/js/jail.js?ver=5.4.1" id="jail-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/slidedeck/js/jquery-mousewheel/jquery.mousewheel.min.js?ver=3.0.6" id="scrolling-js-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/slidedeck/js/jquery.easing.1.3.js?ver=1.3" id="jquery-easing-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/slidedeck/js/slidedeck.jquery.js?ver=1.4.1" id="slidedeck-library-js-js"></script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/slidedeck/js/slidedeck-public.js?ver=5.4.1" id="slidedeck-public-js"></script> <script type="text/javascript" src="https://platform.twitter.com/widgets.js?ver=1316526300" id="twitter-intent-api-js"></script> <script type="text/javascript" id="fifu-json-ld-js-extra"> /* <![CDATA[ */ var fifuJsonLd = {"url":"https:\/\/www.tenable.com\/sites\/default\/files\/styles\/640x360\/public\/images\/articles\/blog-microsoft-patch-tuesday-zero-day-vulnerabilities-exploited.jpg?itok=Ffg8sEg8"}; /* ]]> */ </script> <script type="text/javascript" src="https://unifiedguru.com/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.8.2" id="fifu-json-ld-js"></script> <script type="text/javascript"> var slideDeck2URLPath = "https://unifiedguru.com/wp-content/plugins/slidedeck"; var slideDeck2iframeByDefault = false; </script> </body> </html>