Microsoft have released a security advisory on the 12th of July 2023 in line with their regular monthly patch schedule which includes a number of updates to address three (3) high risk, four (4) medium risk and one (1) low risk vulnerabilities.
These updates address vulnerabilities which may impact services through Elevation of Privilege, Denial of Service, Information Disclosure, Remote Code Execution, Security Restriction Bypass and Spoofing
For more information please see: Microsoft Security Update
This release consists of security updates for the following products, features and roles:
- Windows Certificates
- Windows EFI Partition
- Windows Netlogon
- Microsoft Graphics Component
- Windows Admin Center
- Windows Cluster Server
- Windows Remote Procedure Call
- Windows Layer 2 Tunneling Protocol
- Windows ODBC Driver
- Microsoft Printer Drivers
- Windows Update Orchestrator Service
- Windows OLE
- Windows Remote Desktop
- Windows Message Queuing
- Windows MSHTML Platform
- Paint 3D
- Windows SmartScreen
- Windows Installer
- Microsoft Windows Codecs Library
- Microsoft Power Apps
- Windows Volume Shadow Copy
- Windows Active Template Library
- Windows Server Update Service
- Windows Failover Cluster
- Windows HTTP.sys
- .NET and Visual Studio
- Microsoft Office SharePoint
- Microsoft Office
- Microsoft Office Outlook
- Microsoft Office Access
- Windows Partition Management Driver
- Windows Cloud Files Mini Filter Driver
- Windows Defender
- Microsoft Office Excel
- Windows Network Load Balancing
- ASP.NET and .NET
- Microsoft Dynamics
- Windows Cryptographic Services
- Windows PGM
- Windows Common Log File System Driver
- Windows Kernel
- Role: DNS Server
- Windows VOLSNAP.SYS
- Windows Online Certificate Status Protocol (OCSP) SnapIn
- Windows Layer-2 Bridge Network Driver
- Windows Connected User Experiences and Telemetry
- Windows Deployment Services
- Windows Print Spooler Components
- Windows CDP User Components
- Windows Transaction Manager
- Windows Authentication Methods
- Windows SPNEGO Extended Negotiation
- Windows Local Security Authority (LSA)
- Microsoft Media-Wiki Extensions
- Windows Win32K
- Windows Peer Name Resolution Protocol
- Windows CryptoAPI
- Windows CNG Key Isolation Service
- Windows Media
- Windows Image Acquisition
- Windows Geolocation Service
- Windows App Store
- Azure Active Directory
- Windows Active Directory Certificate Services
- Windows NT OS Kernel
- Windows Clip Service
- Windows Routing and Remote Access Service (RRAS)
- Mono Authenticode
- Visual Studio Code
- Service Fabric
- Windows Error Reporting
CVE-2023-32046 is being exploited in the wild and can be exploited to gain the rights of the user that is running the affected application, but this CVE requires local access and user interaction. It is rated as high risk.
CVE-2023-32049 is being exploited in the wild and can be exploited to bypass the Open File – Security Warning prompt, but this CVE requires user interaction. It is rated as high risk.
CVE-2023-36874 is being exploited in the wild and can be exploited to gain administrator privileges, but this CVE requires local access. It is rated as high risk.
CVE-2023-35311 is being exploited in the wild and can be exploited to bypass the Microsoft Outlook Security Notice prompt, but this CVE requires user interaction. It is rated as high risk.
CVE-2023-36884 is being exploited in the wild and can be exploited by creating a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim, but this CVE requires user interaction. It is rated as high risk.
Matsco recommends any affected systems are updated as soon as convenient.
Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.
support@matscosolutions.com
Beijing +86 400 120 2782
Hong Kong +852 8101 8418
London +44 (0)20 7821 4950
New York +1 866 446 9226
Singapore +65 6100 1090
Share this Post