Patch Tuesday harvests a bumper crop in October

Credit to Author: Angela Gunn| Date: Wed, 11 Oct 2023 18:06:24 +0000

Microsoft on Tuesday released patches for 104 vulnerabilities, including 80 for Windows. Ten other product groups are also affected. Of the 104 CVEs addressed, 11 are considered Critical in severity; ten of those are in Windows, while one falls in the Microsoft Common Data Model SDK. (The Common Data Model is a metadata system for business-related data.) One CVE, an Important-severity denial-of-service issue (CVE-2023-38171), affects not only Windows but both .NET and Visual Studio.

At patch time, two issues involving WordPad and Skype are known to be under exploit in the wild. An additional 10 vulnerabilities in Windows, Exchange, and Skype are by the company’s estimation more likely to be exploited in the next 30 days. For ease of prioritization, those 12 issues are:

 

One of the most fascinating items in this month’s release isn’t even a patch – though to be fair, it’s not an issue that can be “patched” in the usual sense, for Microsoft products or many others. CVE-2023-44487, an Important-severity denial of service issue, describes a rapid-reset attack against HTTP/2, currently under extremely active exploit in the wild. It carries a MITRE-assigned CVE number (a rarity; usually Microsoft assigns its own CVEs numbers) and, according to Microsoft’s finder-acknowledgement system, is “credited” to Google, Amazon, and Cloudflare. The list of affected product families is long: .NET, ASP.NET, Visual Studio, and various iterations of Windows.  Microsoft has published an article on the matter. It’s not included in the patch tallies in this post, though the article states that the company is releasing mitigations – not patches, mitigation — for IIS, .NET, and Windows.  There’s a recommended workaround, though – going into RegEdit and disabling the HTTP/2 protocol on your web server.

Beyond Patch Tuesday, the keepers of curl (the open-source command-line tool) also had a significant patch on tap for Wednesday, 11 October. According to the advisory posted to GitHub, CVE-2023-38545 and CVE-2023-38546 both describe issues in libcurl, with CVE-2023-38545, a heap-overflow issue, also touching curl itself. These are serious business; according to Daniel Stenberg, the maintainer who wrote the GitHub advisory, “[CVE-2023-38545] is probably the worst curl security flaw in a long time.” Since curl lies at the heart of such popular protocols as SSL, TLS, HTTP, and FTP, system administrators are advised in the strongest possible terms to familiarize themselves with the new curl 8.4.0 release, which addresses this issue.

October is also a big month for goodbyes. The tables in Appendix E at the end of this article list the Microsoft products reaching end-of-servicing (covered under the Modern Policy) and end of support (covered under the Fixed Policy) today, as well as those moving from Mainstream to Extended support. Extended support includes free security updates, but no more new features or design changes. The list of products affected is long and exciting – in particular, Office 2019 no longer taking feature updates is a milestone – but the headline act on this month’s cruise into the sunset is surely Server 2012 and Server 2012R2. As a going-away present, that venerable version of the platform receives 65 patches, 11 of them critical-severity, one under active exploit in the wild.

We are as usual including at the end of this post three appendices listing all Microsoft’s patches, sorted by severity, by predicted exploitability, and by product family. As per Microsoft’s guidance we’ll treat the Chromium patch as information-only and not include it in the following charts and totals, though we’ve added a chart at the end of the post providing basic information on that. (CVE-2023-44487, discussed above, also applies to Chromium; this is also noted in the appendix.)

  • Total Microsoft CVEs: 2
  • Total advisories shipping in update: 2
  • Publicly disclosed: 2
  • Exploited: 2
  • Severity
    • Critical: 13
    • Important: 91
  • Impact
    • Remote Code Execution: 45
    • Elevation of Privilege: 26
    • Denial of Service: 16
    • Information Disclosure: 12
    • Security Feature Bypass: 4
    • Spoofing: 1

A bar chart showing distribution of October 2023 Patch Tuesday releases by severity and impact

Figure 1: October is a heavy patch month with a little bit of everything

Products

  • Windows: 80 (including one shared with .NET and Visual Studio)
  • Azure: 6
  • SQL: 5
  • Skype: 4
  • Dynamics 365: 3
  • Office: 3
  • .NET: 1 (shared with Visual Studio and Windows)
  • Exchange: 1
  • Microsoft Common Data Model SDK: 1
  • MMPC: 1
  • Visual Studio: 1 (shared with .NET and Windows)

A bar chart showing October 2023 Patch Tuesday releases by product family and severity

Figure 2: Products affected by October’s patches. For items that apply to more than one product family (e.g., the patch shared by Windows, Visual Studio, and .NET), the chart represents those patches in each family to which they apply, making the workload look slightly heavier than it will be in practice

Notable October updates

In addition to the high-priority issues discussed above, a few interesting items present themselves.

9 CVEs — Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
5 CVEs — Win32k Elevation of Privilege Vulnerability

Identically named CVEs are hardly unusual in these releases; this month also has identically named sets of 16 (Microsoft Message Queuing Remote Code Execution Vulnerability), 4 (Microsoft Message Queuing Denial of Service Vulnerability), and 3 (too many to list) CVEs. However, the 9 RCEs touching Windows’ Layer 2 tunnelling protocol also share Critical-severity status (CVSS 3.1 base is 8.1) and are thus worth looking at sooner rather than later. Fortunately, Microsoft does not believe any of them to be more likely to be exploited in the next 30 days. The 5 EoP issues touching Win32K, on the other hand, are all considered more likely to see exploitation in the next 30 days.

CVE-2023-36563 — Microsoft WordPad Information Disclosure Vulnerability

This is as mentioned one of the two vulnerabilities under active exploit in the wild; Microsoft states that Preview Pane is a vector.

A bar chart showing cumulative Patch Tuesday totals for 2023; in descending order, RCE, EoP, info disclosure, DoS, spoofing, security feature bypass, tampering

Figure 3: With two months to go in 2023, Microsoft has issued exactly 300 patches against remote code execution issue, the most of any category of vulnerability this year

Sophos protections

CVESophos Intercept X/Endpoint IPSSophos XGS Firewall
CVE-2023-36594Exp/2336594-AExp/2336594-A
CVE-2023-36713Exp/2336713-AExp/2336713-A
CVE-2023-36731Exp/2336731-AExp/2336731-A
CVE-2023-36743Exp/2336743-AExp/2336743-A
CVE-2023-36776Exp/2336776-AExp/2336776-A
CVE-2023-38159Exp/2338159-AExp/2338159-A
CVE-2023-41772Exp/2341772-AExp/2341772-A

 

As you can every month, if you don’t want to wait for your system to pull down Microsoft’s updates itself, you can download them manually from the Windows Update Catalog website. Run the winver.exe tool to determine which build of Windows 10 or 11 you’re running, then download the Cumulative Update package for your specific system’s architecture and build number.

With regard to CVE-2023-44487, the best option for thwarting the denial-of-service attack enabled by the vulnerability is to follow Microsoft’s published advice.

Appendix A: Vulnerability Impact and Severity

This is a list of October’s patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.

Remote Code Execution (45 CVEs)

Critical severity
CVE-2023-35349Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36697Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36718Windows Virtual Trusted Platform Module Elevation of Privilege Vulnerability
CVE-2023-38166Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41765Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41767Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41768Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41769Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41770Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41771Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41773Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41774Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Important severity
CVE-2023-36414Azure Identity SDK Remote Code Execution Vulnerability
CVE-2023-36415Azure Identity SDK Remote Code Execution Vulnerability
CVE-2023-36417Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-36418Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2023-36420Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36436Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-36557PrintHTML API Remote Code Execution Vulnerability
CVE-2023-36570Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36571Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36572Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36573Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36574Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36575Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36577Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36578Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36582Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36583Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36589Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36590Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36591Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36592Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36593Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36598Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36702Microsoft DirectMusic Remote Code Execution Vulnerability
CVE-2023-36704Windows Setup Files Cleanup Remote Code Execution Vulnerability
CVE-2023-36710Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2023-36730Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36778Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36780Skype for Business Remote Code Execution Vulnerability
CVE-2023-36785Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36786Skype for Business Remote Code Execution Vulnerability
CVE-2023-36789Skype for Business Remote Code Execution Vulnerability
CVE-2023-36902Windows Runtime Remote Code Execution Vulnerability


Elevation of Privilege (26 CVEs)

Important severity
CVE-2023-36419Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability
CVE-2023-36434Windows IIS Server Elevation of Privilege Vulnerability
CVE-2023-36561Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-36565Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-36568Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVE-2023-36569Microsoft Office Elevation of Privilege Vulnerability
CVE-2023-36594Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36605Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
CVE-2023-36701Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-36711Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2023-36712Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36721Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-36723Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2023-36725Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36726Windows Internet Key Exchange (IKE) Extension Elevation of Privilege  Vulnerability
CVE-2023-36729Named Pipe File System Elevation of Privilege Vulnerability
CVE-2023-36731Win32k Elevation of Privilege Vulnerability
CVE-2023-36732Win32k Elevation of Privilege Vulnerability
CVE-2023-36737Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2023-36743Win32k Elevation of Privilege Vulnerability
CVE-2023-36776Win32k Elevation of Privilege Vulnerability
CVE-2023-36790Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
CVE-2023-38159Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-41763Skype for Business Elevation of Privilege Vulnerability
CVE-2023-41766Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-41772Win32k Elevation of Privilege Vulnerability


Denial of Service (16 CVEs)

Critical severity
CVE-2023-36566Microsoft Common Data Model SDK Denial of Service Vulnerability
Important severity
CVE-2023-36431Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36435Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36579Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36581Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36585Active Template Library Denial of Service Vulnerability
CVE-2023-36602Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36603Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36606Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36703DHCP Server Service Denial of Service Vulnerability
CVE-2023-36707Windows Deployment Services Denial of Service Vulnerability
CVE-2023-36709Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2023-36717Windows Virtual Trusted Platform Module Denial of Service Vulnerability
CVE-2023-36720Windows Mixed Reality Developer Tools Denial of Service Vulnerability
CVE-2023-36728Microsoft SQL Server Denial of Service Vulnerability
CVE-2023-38171Microsoft QUIC Denial of Service Vulnerability


Information Disclosure (12 CVEs)

Important severity
CVE-2023-29348Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
CVE-2023-36429Microsoft Dynamics 365 Information Disclosure Vulnerability
CVE-2023-36433Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2023-36438Windows TCP/IP Information Disclosure Vulnerability
CVE-2023-36563Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-36567Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36576Windows Kernel Information Disclosure Vulnerability
CVE-2023-36596Remote Procedure Call Information Disclosure Vulnerability
CVE-2023-36706Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36713Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2023-36722Active Directory Domain Services Information Disclosure Vulnerability
CVE-2023-36724Windows Power Management Service Information Disclosure Vulnerability


Security Feature Bypass (4 CVEs)

Important severity
CVE-2023-36564Windows Search Security Feature Bypass Vulnerability
CVE-2023-36584Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2023-36698Windows Kernel Security Feature Bypass Vulnerability
CVE-2023-36700Microsoft Defender Security Feature Bypass Vulnerability


Spoofing (1 CVE)

Important severity
CVE-2023-36416Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

 

Appendix B: Exploitability

This is a list of the October CVEs judged by Microsoft to be more likely to be exploited in the wild within the first 30 days post-release, as well as those already known to be under exploit. Each list is further arranged by CVE.

Exploitation detected
CVE-2023-36563Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-41763Skype for Business Elevation of Privilege Vulnerability
Exploitation more likely
CVE-2023-36594Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36713Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2023-36731Win32k Elevation of Privilege Vulnerability
CVE-2023-36732Win32k Elevation of Privilege Vulnerability
CVE-2023-36743Win32k Elevation of Privilege Vulnerability
CVE-2023-36776Win32k Elevation of Privilege Vulnerability
CVE-2023-36778Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36780Skype for Business Remote Code Execution Vulnerability
CVE-2023-38159Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-41772Win32k Elevation of Privilege Vulnerability

 

 Appendix C: Products Affected

This is a list of October’s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE.

Windows (80 CVEs)

Critical severity
CVE-2023-35349Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36697Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36718Windows Virtual Trusted Platform Module Elevation of Privilege Vulnerability
CVE-2023-38166Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41765Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41767Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41768Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41769Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41770Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41771Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41773Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41774Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Important severity
CVE-2023-29348Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
CVE-2023-36431Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36434Windows IIS Server Elevation of Privilege Vulnerability
CVE-2023-36435Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36436Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-36438Windows TCP/IP Information Disclosure Vulnerability
CVE-2023-36557PrintHTML API Remote Code Execution Vulnerability
CVE-2023-36563Microsoft WordPad Information Disclosure Vulnerability
CVE-2023-36564Windows Search Security Feature Bypass Vulnerability
CVE-2023-36567Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36570Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36571Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36572Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36573Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36574Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36575Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36576Windows Kernel Information Disclosure Vulnerability
CVE-2023-36577Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36578Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36579Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36581Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36582Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36583Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36584Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2023-36585Active Template Library Denial of Service Vulnerability
CVE-2023-36589Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36590Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36591Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36592Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36593Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36594Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36596Remote Procedure Call Information Disclosure Vulnerability
CVE-2023-36598Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36602Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36603Windows TCP/IP Denial of Service Vulnerability
CVE-2023-36605Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
CVE-2023-36606Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36698Windows Kernel Security Feature Bypass Vulnerability
CVE-2023-36701Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-36702Microsoft DirectMusic Remote Code Execution Vulnerability
CVE-2023-36703DHCP Server Service Denial of Service Vulnerability
CVE-2023-36704Windows Setup Files Cleanup Remote Code Execution Vulnerability
CVE-2023-36706Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36707Windows Deployment Services Denial of Service Vulnerability
CVE-2023-36709Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2023-36710Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2023-36711Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2023-36712Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36713Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2023-36717Windows Virtual Trusted Platform Module Denial of Service Vulnerability
CVE-2023-36720Windows Mixed Reality Developer Tools Denial of Service Vulnerability
CVE-2023-36721Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-36722Active Directory Domain Services Information Disclosure Vulnerability
CVE-2023-36723Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2023-36724Windows Power Management Service Information Disclosure Vulnerability
CVE-2023-36725Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36726Windows Internet Key Exchange (IKE) Extension Elevation of Privilege  Vulnerability
CVE-2023-36729Named Pipe File System Elevation of Privilege Vulnerability
CVE-2023-36731Win32k Elevation of Privilege Vulnerability
CVE-2023-36732Win32k Elevation of Privilege Vulnerability
CVE-2023-36743Win32k Elevation of Privilege Vulnerability
CVE-2023-36776Win32k Elevation of Privilege Vulnerability
CVE-2023-36790Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
CVE-2023-36902Windows Runtime Remote Code Execution Vulnerability
CVE-2023-38159Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-38171Microsoft QUIC Denial of Service Vulnerability
CVE-2023-41766Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-41772Win32k Elevation of Privilege Vulnerability


Azure (6 CVEs)

Important severity
CVE-2023-36414Azure Identity SDK Remote Code Execution Vulnerability
CVE-2023-36415Azure Identity SDK Remote Code Execution Vulnerability
CVE-2023-36418Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2023-36419Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability
CVE-2023-36561Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-36737Azure Network Watcher VM Agent Elevation of Privilege Vulnerability


SQL (5 CVEs)

Important severity
CVE-2023-36417Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-36420Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36728Microsoft SQL Server Denial of Service Vulnerability
CVE-2023-36730Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36785Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability


Skype (4 CVEs)

Important severity
CVE-2023-36780Skype for Business Remote Code Execution Vulnerability
CVE-2023-36786Skype for Business Remote Code Execution Vulnerability
CVE-2023-36789Skype for Business Remote Code Execution Vulnerability
CVE-2023-41763Skype for Business Elevation of Privilege Vulnerability


Dynamics 365 (3 CVEs)

Important severity
CVE-2023-36416Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36429Microsoft Dynamics 365 Information Disclosure Vulnerability
CVE-2023-36433Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability


Office (3 CVEs)

Important severity
CVE-2023-36565Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-36568Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVE-2023-36569Microsoft Office Elevation of Privilege Vulnerability


.NET (1 CVE)

Important severity
CVE-2023-38171Microsoft QUIC Denial of Service Vulnerability


Exchange (1 CVE)

Important severity
CVE-2023-36778Microsoft Exchange Server Remote Code Execution Vulnerability


Microsoft Common Data Model SDK (1 CVE)

Critical severity
CVE-2023-36566Microsoft Common Data Model SDK Denial of Service Vulnerability


MMPC (1 CVE)

Important severity
CVE-2023-36700Microsoft Defender Security Feature Bypass Vulnerability


Visual Studio (1 CVE)

Important severity
CVE-2023-38171Microsoft QUIC Denial of Service Vulnerability

 

Appendix D: Other Products

This is a list of advisories in the October Microsoft release, sorted by product group.

Chromium / Edge (1 issue)

CVE-2023-5346Chromium: CVE-2023-5346 Type Confusion in V8

The CVE-2023-44487 covered extensively above also applies to Chromium / Edge.

 

 Appendix E: End of Servicing, End of Support, and other changes

These three tables cover Microsoft products changing status on 10 October 2023.

End of Servicing (2 products)
Dynamics 365 Business Central on-premises (Modern Policy), 2022 release wave 1, version 20.x
Windows 11 Home and Pro, Version 21H2

 

End of Support (21 products)
Excel 2019 for Mac
Hyper-V Server 2012
Hyper-V Server 2012 R2
Internet Explorer 7
Internet Information Services (IIS), IIS 8 on Windows Server 2012
Internet Information Services (IIS), IIS 8.5 on Windows Server 2012 R2
Microsoft Office 2019 for Mac
Microsoft Office Audit and Control Management Server 2013
Outlook 2019 for Mac
PowerPoint 2019 for Mac
Windows Embedded Compact 2013
Windows Embedded POSReady 7, Extended Security Update Year 2*
Windows Embedded Standard 7, Extended Security Update Year 3*
Windows MultiPoint Server 2012
Windows Server 2012
Windows Server 2012 R2
Windows Server Update Services for Windows Server 2012
Windows Server Update Services for Windows Server 2012 R2
Windows Storage Server 2012
Windows Storage Server 2012 R2
Word 2019 for Mac

 

Moving from Mainstream to Extended Support (11 products)
Access 2019
Dynamics 365 Business Central on-premises (Fixed Policy)
Excel 2019
Microsoft Office 2019
OneNote 2016
Outlook 2019
PowerPoint 2019
Project 2019
Publisher 2019
Visio 2019
Word 2019

 

http://feeds.feedburner.com/sophos/dgdY

Leave a Reply