Today’s Microsoft Security Update addressed 130 vulnerabilities, including 9 that are rated as Critical.  This is double the number fixed from last month, June 2023.

Microsoft included two security advisories this month, ADV230001 and ADV230002.
The ADV230001 security advisory addresses some drivers that were certified by the Microsoft’s Windows Hardware Developer Program (MWHDP) that have been used maliciously in post-exploitation activities. Microsoft has suspended the developer accounts related to the affected drivers, marked the drivers as untrusted and revoked the affected driver signing certificates.

Multiple vulnerabilities included in this month’s Patch Tuesday are currently being exploited in the wild including one which does not currently have a patch, CVE-2023-36884.

  • CVE-2023-32046 requires a specially crafted file to exploit this vulnerability and would grant the attacker the same privileges as the user that executed it.
  • CVE-2023-32049 could allow attackers to use this vulnerability to bypass the Open File – Security Warning prompt. User interaction is required for this attack as an attacker would be required to convince a user to click on a malicious URL.
  • CVE-2023-36874 is a vulnerability that can be leveraged by an attacker to escalate privileges to that of an administrator.
  • CVE-2023-36884 Microsoft is aware of targeted attacks attempting to exploit this vulnerability via a crafted Microsoft Office document to achieve remote code execution. However, for the attack to be successful the attacker would have to trick the victim into opening the malicious file. While this vulnerability does not currently have a patch, Microsoft has provided multiple mitigations until a patch is available. More information on the mitigations can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884.
  • CVE-2023-35311 is a vulnerability that would allow an attacker to bypass the Microsoft Outlook Security Notice prompt, but does require user interaction to be compromised by the attacker.

CVE/AdvisoryTitleTagMicrosoft Severity RatingBase ScoreMicrosoft ImpactExploitedPublicly Disclosed
CVE-2023-21756Windows Win32k Elevation of Privilege VulnerabilityMicrosoft Graphics ComponentImportant7.8Elevation of PrivilegeNoNo
CVE-2023-33148Microsoft Office Elevation of Privilege VulnerabilityMicrosoft OfficeImportant7.8Elevation of PrivilegeNoNo
CVE-2023-33149Microsoft Office Graphics Remote Code Execution VulnerabilityMicrosoft Graphics ComponentImportant7.8Remote Code ExecutionNoNo
CVE-2023-33150Microsoft Office Security Feature Bypass VulnerabilityMicrosoft OfficeImportant9.6Security Feature BypassNoNo
CVE-2023-33151Microsoft Outlook Spoofing VulnerabilityMicrosoft Office OutlookImportant6.5SpoofingNoNo
CVE-2023-33152Microsoft ActiveX Remote Code Execution VulnerabilityMicrosoft Office AccessImportant7Remote Code ExecutionNoNo
CVE-2023-33153Microsoft Outlook Remote Code Execution VulnerabilityMicrosoft Office OutlookImportant6.8Remote Code ExecutionNoNo
CVE-2023-33165Microsoft SharePoint Server Security Feature Bypass VulnerabilityMicrosoft Office SharePointImportant4.3Security Feature BypassNoNo
CVE-2023-33166Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33167Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33168Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33169Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33172Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33173Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33174Windows Cryptographic Information Disclosure VulnerabilityWindows Cryptographic ServicesImportant5.5Information DisclosureNoNo
CVE-2023-32033Microsoft Failover Cluster Remote Code Execution VulnerabilityWindows Cluster ServerImportant6.6Remote Code ExecutionNoNo
CVE-2023-32034Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-32035Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-32037Windows Layer-2 Bridge Network Driver Information Disclosure VulnerabilityWindows Layer 2 Tunneling ProtocolImportant6.5Information DisclosureNoNo
CVE-2023-32038Microsoft ODBC Driver Remote Code Execution VulnerabilityWindows ODBC DriverImportant8.8Remote Code ExecutionNoNo
CVE-2023-32039Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant5.5Information DisclosureNoNo
CVE-2023-32040Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant5.5Information DisclosureNoNo
CVE-2023-32041Windows Update Orchestrator Service Information Disclosure VulnerabilityWindows Update Orchestrator ServiceImportant5.5Information DisclosureNoNo
CVE-2023-32042OLE Automation Information Disclosure VulnerabilityWindows OLEImportant6.5Information DisclosureNoNo
CVE-2023-32043Windows Remote Desktop Security Feature Bypass VulnerabilityWindows Remote DesktopImportant6.8Security Feature BypassNoNo
CVE-2023-32044Microsoft Message Queuing Denial of Service VulnerabilityWindows Message QueuingImportant7.5Denial of ServiceNoNo
CVE-2023-32045Microsoft Message Queuing Denial of Service VulnerabilityWindows Message QueuingImportant7.5Denial of ServiceNoNo
CVE-2023-32046Windows MSHTML Platform Elevation of Privilege VulnerabilityWindows MSHTML PlatformImportant7.8Elevation of PrivilegeYesNo
CVE-2023-32047Paint 3D Remote Code Execution VulnerabilityPaint 3DImportant7.8Remote Code ExecutionNoNo
ADV230002Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI ModulesWindows EFI PartitionImportantN/ASecurity Feature BypassNoNo
CVE-2023-32049Windows SmartScreen Security Feature Bypass VulnerabilityWindows SmartScreenImportant8.8Security Feature BypassYesNo
CVE-2023-32050Windows Installer Elevation of Privilege VulnerabilityWindows InstallerImportant7Elevation of PrivilegeNoNo
CVE-2023-32051Raw Image Extension Remote Code Execution VulnerabilityMicrosoft Windows Codecs LibraryImportant7.8Remote Code ExecutionNoNo
CVE-2023-35313Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution VulnerabilityWindows Online Certificate Status Protocol (OCSP) SnapInImportant7.8Remote Code ExecutionNoNo
CVE-2023-35314Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-35315Windows Layer-2 Bridge Network Driver Remote Code Execution VulnerabilityWindows Layer-2 Bridge Network DriverCritical8.8Remote Code ExecutionNoNo
CVE-2023-35316Remote Procedure Call Runtime Information Disclosure VulnerabilityWindows Remote Procedure CallImportant6.5Information DisclosureNoNo
CVE-2023-35317Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityWindows Server Update ServiceImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35318Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-35319Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-35320Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityWindows Connected User Experiences and TelemetryImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35321Windows Deployment Services Denial of Service VulnerabilityWindows Deployment ServicesImportant6.5Denial of ServiceNoNo
CVE-2023-35322Windows Deployment Services Remote Code Execution VulnerabilityWindows Deployment ServicesImportant8.8Remote Code ExecutionNoNo
CVE-2023-35323Windows OLE Remote Code Execution VulnerabilityWindows Online Certificate Status Protocol (OCSP) SnapInImportant7.8Remote Code ExecutionNoNo
CVE-2023-35324Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant5.5Information DisclosureNoNo
CVE-2023-35325Windows Print Spooler Information Disclosure VulnerabilityWindows Print Spooler ComponentsImportant7.5Information DisclosureNoNo
CVE-2023-35326Windows CDP User Components Information Disclosure VulnerabilityWindows CDP User ComponentsImportant5.5Information DisclosureNoNo
CVE-2023-35328Windows Transaction Manager Elevation of Privilege VulnerabilityWindows Transaction ManagerImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35329Windows Authentication Denial of Service VulnerabilityWindows Authentication MethodsImportant6.5Denial of ServiceNoNo
CVE-2023-35330Windows Extended Negotiation Denial of Service VulnerabilityWindows SPNEGO Extended NegotiationImportant7.5Denial of ServiceNoNo
CVE-2023-35331Windows Local Security Authority (LSA) Denial of Service VulnerabilityWindows Local Security Authority (LSA)Important6.5Denial of ServiceNoNo
CVE-2023-35332Windows Remote Desktop Protocol Security Feature BypassWindows Remote DesktopImportant6.8Security Feature BypassNoNo
CVE-2023-35333MediaWiki PandocUpload Extension Remote Code Execution VulnerabilityMicrosoft Media-Wiki ExtensionsImportant8.8Remote Code ExecutionNoNo
CVE-2023-35336Windows MSHTML Platform Security Feature Bypass VulnerabilityWindows MSHTML PlatformImportant6.5Security Feature BypassNoNo
CVE-2023-35337Win32k Elevation of Privilege VulnerabilityWindows Win32KImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35338Windows Peer Name Resolution Protocol Denial of Service VulnerabilityWindows Peer Name Resolution ProtocolImportant7.5Denial of ServiceNoNo
CVE-2023-35339Windows CryptoAPI  Denial of Service VulnerabilityWindows CryptoAPIImportant7.5Denial of ServiceNoNo
CVE-2023-35340Windows CNG Key Isolation Service Elevation of Privilege VulnerabilityWindows CNG Key Isolation ServiceImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35341Microsoft DirectMusic Information Disclosure VulnerabilityWindows MediaImportant6.2Information DisclosureNoNo
CVE-2023-35342Windows Image Acquisition Elevation of Privilege VulnerabilityWindows Image AcquisitionImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35343Windows Geolocation Service Remote Code Execution VulnerabilityWindows Geolocation ServiceImportant7.8Remote Code ExecutionNoNo
CVE-2023-35344Windows DNS Server Remote Code Execution VulnerabilityRole: DNS ServerImportant6.6Remote Code ExecutionNoNo
CVE-2023-35345Windows DNS Server Remote Code Execution VulnerabilityRole: DNS ServerImportant6.6Remote Code ExecutionNoNo
CVE-2023-35346Windows DNS Server Remote Code Execution VulnerabilityRole: DNS ServerImportant6.6Remote Code ExecutionNoNo
CVE-2023-35347Microsoft Install Service Elevation of Privilege VulnerabilityWindows App StoreImportant7.1Elevation of PrivilegeNoNo
CVE-2023-35348Active Directory Federation Service Security Feature Bypass VulnerabilityAzure Active DirectoryImportant7.5Security Feature BypassNoNo
CVE-2023-35350Windows Active Directory Certificate Services (AD CS) Remote Code Execution VulnerabilityWindows Active Directory Certificate ServicesImportant7.2Remote Code ExecutionNoNo
CVE-2023-35351Windows Active Directory Certificate Services (AD CS) Remote Code Execution VulnerabilityWindows Active Directory Certificate ServicesImportant6.6Remote Code ExecutionNoNo
CVE-2023-35352Windows Remote Desktop Security Feature Bypass VulnerabilityWindows Remote DesktopCritical7.5Security Feature BypassNoNo
CVE-2023-35353Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityWindows Connected User Experiences and TelemetryImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35356Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35357Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35358Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35360Windows Kernel Elevation of Privilege VulnerabilityWindows NT OS KernelImportant7Elevation of PrivilegeNoNo
CVE-2023-35361Windows Kernel Elevation of Privilege VulnerabilityWindows NT OS KernelImportant7Elevation of PrivilegeNoNo
CVE-2023-35362Windows Clip Service Elevation of Privilege VulnerabilityWindows Clip ServiceImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35363Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35364Windows Kernel Elevation of Privilege VulnerabilityWindows NT OS KernelImportant8.8Elevation of PrivilegeNoNo
CVE-2023-35365Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityWindows Routing and Remote Access Service (RRAS)Critical9.8Remote Code ExecutionNoNo
CVE-2023-35366Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityWindows Routing and Remote Access Service (RRAS)Critical9.8Remote Code ExecutionNoNo
CVE-2023-35367Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityWindows Routing and Remote Access Service (RRAS)Critical9.8Remote Code ExecutionNoNo
CVE-2023-36872VP9 Video Extensions Information Disclosure VulnerabilityMicrosoft Windows Codecs LibraryImportant5.5Information DisclosureNoNo
CVE-2023-36874Windows Error Reporting Service Elevation of Privilege VulnerabilityWindows Error ReportingImportant7.8Elevation of PrivilegeYesNo
CVE-2023-36884Office and Windows HTML Remote Code Execution VulnerabilityMicrosoft OfficeImportant8.3Remote Code ExecutionYesYes
CVE-2023-21526Windows Netlogon Information Disclosure VulnerabilityWindows NetlogonImportant7.4Information DisclosureNoNo
ADV230001Guidance on Microsoft Signed Drivers Being Used MaliciouslyWindows CertificatesNoneN/ADefense in DepthYesNo
CVE-2023-29347Windows Admin Center Spoofing VulnerabilityWindows Admin CenterImportant8.7SpoofingNoNo
CVE-2023-33127.NET and Visual Studio Elevation of Privilege Vulnerability.NET and Visual StudioImportant8.1Elevation of PrivilegeNoNo
CVE-2023-33134Microsoft SharePoint Server Remote Code Execution VulnerabilityMicrosoft Office SharePointImportant8.8Remote Code ExecutionNoNo
CVE-2023-33154Windows Partition Management Driver Elevation of Privilege VulnerabilityWindows Partition Management DriverImportant7.8Elevation of PrivilegeNoNo
CVE-2023-33155Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityWindows Cloud Files Mini Filter DriverImportant7.8Elevation of PrivilegeNoNo
CVE-2023-33156Microsoft Defender Elevation of Privilege VulnerabilityWindows DefenderImportant6.3Elevation of PrivilegeNoNo
CVE-2023-33157Microsoft SharePoint Remote Code Execution VulnerabilityMicrosoft Office SharePointCritical8.8Remote Code ExecutionNoNo
CVE-2023-33158Microsoft Excel Remote Code Execution VulnerabilityMicrosoft Office ExcelImportant7.8Remote Code ExecutionNoNo
CVE-2023-33159Microsoft SharePoint Server Spoofing VulnerabilityMicrosoft Office SharePointImportant8.8SpoofingNoNo
CVE-2023-33160Microsoft SharePoint Server Remote Code Execution VulnerabilityMicrosoft Office SharePointCritical8.8Remote Code ExecutionNoNo
CVE-2023-33161Microsoft Excel Remote Code Execution VulnerabilityMicrosoft Office ExcelImportant7.8Remote Code ExecutionNoNo
CVE-2023-33162Microsoft Excel Information Disclosure VulnerabilityMicrosoft Office ExcelImportant5.5Information DisclosureNoNo
CVE-2023-33163Windows Network Load Balancing Remote Code Execution VulnerabilityWindows Network Load BalancingImportant7.5Remote Code ExecutionNoNo
CVE-2023-33164Remote Procedure Call Runtime Denial of Service VulnerabilityWindows Remote Procedure CallImportant6.5Denial of ServiceNoNo
CVE-2023-33170ASP.NET and Visual Studio Security Feature Bypass VulnerabilityASP.NET and Visual StudioImportant8.1Security Feature BypassNoNo
CVE-2023-33171Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityMicrosoft DynamicsImportant8.2SpoofingNoNo
CVE-2023-32052Microsoft Power Apps Spoofing VulnerabilityMicrosoft Power AppsImportant5.4SpoofingNoNo
CVE-2023-32053Windows Installer Elevation of Privilege VulnerabilityWindows InstallerImportant7.8Elevation of PrivilegeNoNo
CVE-2023-32054Volume Shadow Copy Elevation of Privilege VulnerabilityWindows Volume Shadow CopyImportant7.3Elevation of PrivilegeNoNo
CVE-2023-32055Active Template Library Elevation of Privilege VulnerabilityWindows Active Template LibraryImportant6.7Elevation of PrivilegeNoNo
CVE-2023-32056Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityWindows Server Update ServiceImportant7.8Elevation of PrivilegeNoNo
CVE-2023-32057Microsoft Message Queuing Remote Code Execution VulnerabilityWindows Message QueuingCritical9.8Remote Code ExecutionNoNo
CVE-2023-32083Microsoft Failover Cluster Information Disclosure VulnerabilityWindows Failover ClusterImportant6.5Information DisclosureNoNo
CVE-2023-32084HTTP.sys Denial of Service VulnerabilityWindows HTTP.sysImportant7.5Denial of ServiceNoNo
CVE-2023-32085Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant5.5Information DisclosureNoNo
CVE-2023-35296Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant6.5Information DisclosureNoNo
CVE-2023-35297Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityWindows PGMCritical7.5Remote Code ExecutionNoNo
CVE-2023-35298HTTP.sys Denial of Service VulnerabilityWindows HTTP.sysImportant7.5Denial of ServiceNoNo
CVE-2023-35299Windows Common Log File System Driver Elevation of Privilege VulnerabilityWindows Common Log File System DriverImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35300Remote Procedure Call Runtime Remote Code Execution VulnerabilityWindows Remote Procedure CallImportant8.8Remote Code ExecutionNoNo
CVE-2023-35302Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer DriversImportant8.8Remote Code ExecutionNoNo
CVE-2023-35303USB Audio Class System Driver Remote Code Execution VulnerabilityMicrosoft Windows Codecs LibraryImportant8.8Remote Code ExecutionNoNo
CVE-2023-35304Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35305Windows Kernel Elevation of Privilege VulnerabilityWindows KernelImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35306Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityMicrosoft Printer DriversImportant5.5Information DisclosureNoNo
CVE-2023-35308Windows MSHTML Platform Security Feature Bypass VulnerabilityWindows MSHTML PlatformImportant6.5Security Feature BypassNoNo
CVE-2023-35309Microsoft Message Queuing Remote Code Execution VulnerabilityWindows Message QueuingImportant7.5Remote Code ExecutionNoNo
CVE-2023-35310Windows DNS Server Remote Code Execution VulnerabilityRole: DNS ServerImportant6.6Remote Code ExecutionNoNo
CVE-2023-35311Microsoft Outlook Security Feature Bypass VulnerabilityMicrosoft Office OutlookImportant8.8Security Feature BypassYesNo
CVE-2023-35312Microsoft VOLSNAP.SYS Elevation of Privilege VulnerabilityWindows VOLSNAP.SYSImportant7.8Elevation of PrivilegeNoNo
CVE-2023-35335Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityMicrosoft DynamicsImportant8.2SpoofingNoNo
CVE-2023-35373Mono Authenticode Validation Spoofing VulnerabilityMono AuthenticodeImportant5.3SpoofingNoNo
CVE-2023-35374Paint 3D Remote Code Execution VulnerabilityPaint 3DImportant7.8Remote Code ExecutionNoNo
CVE-2023-36867Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution VulnerabilityVisual Studio CodeImportant7.8Remote Code ExecutionNoNo
CVE-2023-36868Azure Service Fabric on Windows Information Disclosure VulnerabilityService FabricImportant6.5Information DisclosureNoNo
CVE-2023-36871Azure Active Directory Security Feature Bypass VulnerabilityAzure Active DirectoryImportant6.5Security Feature Bypass

Contact Us

We can help with any cybersecurity questions.