VERT Threat Alert: September 2023 Patch Tuesday Analysis


Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th.

In-The-Wild & Disclosed CVEs

CVE-2023-36761
Microsoft has indicated that a vulnerability impacting Microsoft Word, including the preview pane, has been publicly disclosed and has seen active exploitation. Successful exploitation of the vulnerability could disclose NTLM hashes to the attacker. Microsoft has reported this vulnerability as Exploitation Detected.

CVE-2023-36802
A vulnerability in the Microsoft Streaming Service Proxy, a driver included with Windows 10 and Windows 11, as well as Windows Server, could be exploited to gain SYSTEM level permissions. While Microsoft has reported active exploitation, they have not indicated that this vulnerability has been publicly disclosed. Microsoft has reported this vulnerability as Exploitation Detected.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.

  • Traditional Software
  • Mobile Software
  • Cloud or Cloud Adjacent
  • Vulnerabilities that are being exploited or that have been disclosed will be highlighted.

 

Tag

CVE Count

CVEs

.NET Core & Visual Studio

1

CVE-2023-36799

Microsoft Office Word

2

CVE-2023-36762, CVE-2023-36761

Visual Studio

2

CVE-2023-36759, CVE-2023-36758

Windows Common Log File System Driver

2

CVE-2023-38144, CVE-2023-38143

Microsoft Streaming Service

1

CVE-2023-36802

Microsoft Office SharePoint

1

CVE-2023-36764

Microsoft Windows Codecs Library

1

CVE-2023-38147

Visual Studio Code

2

CVE-2023-36742, CVE-2023-39956

Windows Themes

1

CVE-2023-38146

Windows Cloud Files Mini Filter Driver

1

CVE-2023-35355

Azure HDInsights

1

CVE-2023-38156

3D Builder

4

CVE-2023-36773, CVE-2023-36772, CVE-2023-36771, CVE-2023-36770

Microsoft Office Excel

1

CVE-2023-36766

3D Viewer

4

CVE-2022-41303, CVE-2023-36760, CVE-2023-36740, CVE-2023-36739

Windows GDI

2

CVE-2023-38161, CVE-2023-36804

Microsoft Azure Kubernetes Service

1

CVE-2023-29332

Windows Kernel

6

CVE-2023-38150, CVE-2023-38142, CVE-2023-38141, CVE-2023-38140, CVE-2023-38139, CVE-2023-36803

Microsoft Exchange Server

5

CVE-2023-36757, CVE-2023-36756, CVE-2023-36745, CVE-2023-36744, CVE-2023-36777

Microsoft Office

3

CVE-2023-36767, CVE-2023-36765, CVE-2023-41764

Windows Defender

1

CVE-2023-38163

Windows Internet Connection Sharing (ICS)

1

CVE-2023-38148

Windows Scripting

1

CVE-2023-36805

.NET Framework

1

CVE-2023-36788

Microsoft Identity Linux Broker

1

CVE-2023-36736

.NET and Visual Studio

4

CVE-2023-36796, CVE-2023-36794, CVE-2023-36793, CVE-2023-36792

Microsoft Office Outlook

1

CVE-2023-36763

Windows TCP/IP

2

CVE-2023-38149, CVE-2023-38160

Microsoft Dynamics Finance & Operations

1

CVE-2023-36800

Windows DHCP Server

3

CVE-2023-38162, CVE-2023-38152, CVE-2023-36801

Microsoft Edge (Chromium-based)

5

CVE-2023-4761, CVE-2023-4762, CVE-2023-4763, CVE-2023-4764, CVE-2023-4863

Azure DevOps

2

CVE-2023-33136, CVE-2023-38155

Microsoft Dynamics

2

CVE-2023-36886, CVE-2023-38164

 

Other Information

At the time of publication, there were no new advisories included with the September Security Guidance.



Source link