Patch Tuesday, October 2023
Halloween is arriving and with it, Trustwave’s return to Patch Tuesday reports.
This month, Microsoft has released 104 patches, 12 of which are rated “critical.” Two vulnerabilities, one in MS WordPad and the other in Skype for Business (CVE-2023-36563 and CVE-2023-41763, respectively), are reported as being publicly exposed and exploited in the wild.
The critical patches include a Remote Code Execution (RCE) issue in Microsoft Message Queuing (CVE-2023-35349, CVE-2023-36697), a Microsoft Virtual Trusted Platform Module RCE (CVE-2023-36718), and a Layer 2 Tunneling Protocol RCE (CVE-2023-38166, CVE-2023-41765, CVE-2023-41767, CVE-2023-41768, CVE-2023-41769, CVE-2023-41770, CVE-2023-41771, CVE-2023-41773, CVE-2023-41774).
In addition to the 12 critical vulnerabilities, 92 are rated “important” and include the following attack types: RCE, Information Disclosure, Spoofing, Denial of Service (DoS), Elevation of Privilege, and Security Feature Bypass.
Critical (12)
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-35349, CVE-2023-36697
Remote Code Execution
Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability
CVE-2023-36718
Remote Code Execution
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-38166, CVE-2023-41765, CVE-2023-41767, CVE-2023-41768, CVE-2023-41769, CVE-2023-41770, CVE-2023-41771, CVE-2023-41773, CVE-2023-41774
Remote Code Execution
Important (92)
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
CVE-2023-29348
Information Disclosure
Azure Identity SDK Remote Code Execution Vulnerability
CVE-2023-36414, CVE-2023-36415
Remote Code Execution
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36416
Spoofing
Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-36417
Remote Code Execution
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2023-36418
Remote Code Execution
Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability
CVE-2023-36419
Elevation of Privilege
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36420
Remote Code Execution
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2023-36429
Information Disclosure
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36431
Denial of Service
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2023-36433
Remote Code Execution
Windows IIS Server Elevation of Privilege Vulnerability
CVE-2023-36434
Security Feature Bypass
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36435
Denial of Service
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-36436
Remote Code Execution
Windows TCP/IP Information Disclosure Vulnerability
CVE-2023-36438
Information Disclosure
PrintHTML API Remote Code Execution Vulnerability
CVE-2023-36557
Remote Code Execution
Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-36561
Elevation of Privilege
Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-36563
Information Disclosure
Windows Search Security Feature Bypass Vulnerability
CVE-2023-36564
Security Feature Bypass
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-36565
Remote Code Execution
Microsoft Common Data Model SDK Denial of Service Vulnerability
CVE-2023-36566
Denial of Service
Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36567
Information Disclosure
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVE-2023-36568
Elevation of Privilege
Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-36569
Elevation of Privilege
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36570, CVE-2023-36571, CVE-2023-36572, CVE-2023-36573, CVE-2023-36574, CVE-2023-36575
Remote Code Execution
Windows Kernel Information Disclosure Vulnerability
CVE-2023-36576
Information Disclosure
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36577
Remote Code Execution
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36578
Remote Code Execution
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36579, CVE-2023-36581
Denial of Service
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36582, CVE-2023-36583
Remote Code Execution
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2023-36584
Security Feature Bypass
Active Template Library Denial of Service Vulnerability
CVE-2023-36585
Denial of Service
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36589, CVE-2023-36590, CVE-2023-36591, CVE-2023-36592, CVE-2023-36593
Remote Code Execution
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36594
Elevation of Privilege
Remote Procedure Call Information Disclosure Vulnerability
CVE-2023-36596
Information Disclosure
Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36598
Remote Code Execution
Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36602
Denial of Service
Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36603
Denial of Service
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
CVE-2023-36605
Elevation of Privilege
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36606
Denial of Service
Windows Kernel Security Feature Bypass Vulnerability
CVE-2023-36698
Security Feature Bypass
Microsoft Defender Security Feature Bypass Vulnerability
CVE-2023-36700
Security Feature Bypass
Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-36701
Elevation of Privilege
Microsoft DirectMusic Remote Code Execution Vulnerability
CVE-2023-36702
Remote Code Execution
DHCP Server Service Denial of Service Vulnerability
CVE-2023-36703
Denial of Service
Windows Setup Files Cleanup Remote Code Execution Vulnerability
CVE-2023-36704
Remote Code Execution
Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36706
Information Disclosure
Windows Deployment Services Denial of Service Vulnerability
CVE-2023-36707
Denial of Service
Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2023-36709
Denial of Service
Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2023-36710
Remote Code Execution
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2023-36711
Elevation of Privilege
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36712
Elevation of Privilege
Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2023-36713
Information Disclosure
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
CVE-2023-36717
Denial of Service
Windows Mixed Reality Developer Tools Denial of Service Vulnerability
CVE-2023-36720
Denial of Service
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-36721
Elevation of Privilege
Active Directory Domain Services Information Disclosure Vulnerability
CVE-2023-36722
Information Disclosure
Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2023-36723
Elevation of Privilege
Windows Power Management Service Information Disclosure Vulnerability
CVE-2023-36724
Information Disclosure
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36725
Elevation of Privilege
Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
CVE-2023-36726
Elevation of Privilege
Microsoft SQL Server Denial of Service Vulnerability
CVE-2023-36728
Denial of Service
Named Pipe File System Elevation of Privilege Vulnerability
CVE-2023-36729
Elevation of Privilege
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36730
Remote Code Execution
Win32k Elevation of Privilege Vulnerability
CVE-2023-36731, CVE-2023-36732
Elevation of Privilege
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2023-36737
Elevation of Privilege
Win32k Elevation of Privilege Vulnerability
CVE-2023-36743, CVE-2023-36776
Elevation of Privilege
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36778
Remote Code Execution
Skype for Business Remote Code Execution Vulnerability
CVE-2023-36780, CVE-2023-36786
Remote Code Execution
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36785
Remote Code Execution
Skype for Business Elevation of Privilege Vulnerability
CVE-2023-36789
Remote Code Execution
Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
CVE-2023-36790
Elevation of Privilege
Windows Runtime Remote Code Execution Vulnerability
CVE-2023-36902
Remote Code Execution
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-38159
Elevation of Privilege
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-38171
Denial of Service
Skype for Business Elevation of Privilege Vulnerability
CVE-2023-41763
Elevation of Privilege
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-41766
Elevation of Privilege
Win32k Elevation of Privilege Vulnerability
CVE-2023-41772
Elevation of Privilege