Microsoft has released their security patches as part of their Patch Tuesday for November 2023. Microsoft has patched nearly 58 flaws, including 5 zero-day vulnerabilities.
The vulnerabilities were associated with Privilege Escalation (16), Remote code execution (15), Spoofing (11), Security Feature Bypass (6), Information Disclosure (6), and Denial of Service (5).
Microsoft also republished 15 non-Microsoft CVEs, which exist in the Microsoft Bluetooth Driver and Microsoft Edge (Chromium-based), as mentioned in their release notes for November 2023.
Zero-Day Vulnerabilities
Microsoft marked three of the zero-day vulnerabilities as “Exploitation Detected”, as threat actors exploited them in the wild.
CVE-2023-36036 – Elevation of Privilege in Windows Cloud Files Mini Filter Driver
A threat actor could exploit this vulnerability and gain SYSTEM privilege to perform several malicious activities on the compromised system.
This vulnerability affected Microsoft Windows Server 2019, 32-bit Systems, x64-based Systems, ARM64-based Systems, Windows Server 2022, Windows 11 version 21H2, and many other Microsoft Products.
The severity for this vulnerability has been given as 7.8 (High). However, there was no additional information about this vulnerability, such as how it was exploited or by which threat actor.
CVE-2023-36025: Security Feature Bypass in Multiple Windows Products
An unauthorized threat actor can exploit this vulnerability without requiring any access or settings. However, successful exploitation requires user interaction.
This vulnerability existed in multiple Microsoft products and was rated 8.8 (High). Microsoft provided no additional information about this zero-day vulnerability.
CVE-2023-36033: Elevation of Privilege in Windows DWM Core Library
This was another zero-day vulnerability mentioned by Microsoft that a threat actor could exploit. No user interaction is required to exploit it, but basic user privileges are.
This vulnerability was given a severity of 7.8 (High) and exists in many Microsoft products. Microsoft provided no additional information about this vulnerability.
| Tag | CVE | Base Score | Exploitability | FAQs? | Workarounds? | Mitigations? |
|---|---|---|---|---|---|---|
| Windows Protected EAP (PEAP) | CVE-2023-36028 | 9.8 | Exploitation Less Likely | Yes | No | Yes |
| Windows Internet Connection Sharing (ICS) | CVE-2023-36397 | 9.8 | Exploitation Less Likely | Yes | No | Yes |
| Windows Scripting | CVE-2023-36017 | 8.8 | Exploitation More Likely | Yes | No | No |
| Windows SmartScreen | CVE-2023-36025 | 8.8 | Exploitation Detected | Yes | No | No |
| Windows HMAC Key Derivation | CVE-2023-36400 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-36402 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Azure DevOps | CVE-2023-36437 | 8.8 | Exploitation Less Likely | Yes | No | No |
| ASP.NET | CVE-2023-36560 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Azure | CVE-2023-38151 | 8.8 | Exploitation Less Likely | Yes | No | Yes |
| Azure | CVE-2023-36052 | 8.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Windows Speech | CVE-2023-36719 | 8.4 | Exploitation Less Likely | Yes | No | No |
| ASP.NET | CVE-2023-36038 | 8.2 | Exploitation Less Likely | Yes | No | No |
| Azure | CVE-2023-36021 | 8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36035 | 8 | Exploitation More Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36039 | 8 | Exploitation More Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36050 | 8 | Exploitation More Likely | Yes | No | No |
| Windows Distributed File System (DFS) | CVE-2023-36425 | 8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36439 | 8 | Exploitation More Likely | Yes | No | No |
| Visual Studio Code | CVE-2023-36018 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows DWM Core Library | CVE-2023-36033 | 7.8 | Exploitation Detected | Yes | No | No |
| Windows Cloud Files Mini Filter Driver | CVE-2023-36036 | 7.8 | Exploitation Detected | Yes | No | No |
| Microsoft Office Excel | CVE-2023-36037 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office Excel | CVE-2023-36041 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office | CVE-2023-36045 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36047 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Tablet Windows User Interface | CVE-2023-36393 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Compressed Folder | CVE-2023-36396 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36407 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36408 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Defender | CVE-2023-36422 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Common Log File System Driver | CVE-2023-36424 | 7.8 | Exploitation More Likely | Yes | No | No |
| Windows Installer | CVE-2023-36705 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36007 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36031 | 7.6 | Exploitation Less Likely | Yes | No | No |
| .NET Framework | CVE-2023-36049 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36410 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Windows DHCP Server | CVE-2023-36392 | 7.5 | Exploitation Less Likely | No | No | No |
| Windows Deployment Services | CVE-2023-36395 | 7.5 | Exploitation Less Likely | No | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36014 | 7.3 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36034 | 7.3 | Exploitation Less Likely | Yes | No | No |
| Microsoft Remote Registry Service | CVE-2023-36401 | 7.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Remote Registry Service | CVE-2023-36423 | 7.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36024 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36027 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36046 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Windows Storage | CVE-2023-36399 | 7.1 | Exploitation More Likely | Yes | No | No |
| Microsoft Windows Search Component | CVE-2023-36394 | 7 | Exploitation More Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36403 | 7 | Exploitation Less Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36405 | 7 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36427 | 7 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36022 | 6.6 | Exploitation Less Likely | Yes | No | No |
| Open Management Infrastructure | CVE-2023-36043 | 6.5 | Exploitation Less Likely | Yes | No | No |
| Windows NTFS | CVE-2023-36398 | 6.5 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office | CVE-2023-36413 | 6.5 | Exploitation More Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36016 | 6.2 | Exploitation Less Likely | Yes | No | No |
| Visual Studio | CVE-2023-36042 | 6.2 | Exploitation Less Likely | No | No | No |
| ASP.NET | CVE-2023-36558 | 6.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics 365 Sales | CVE-2023-36030 | 6.1 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office SharePoint | CVE-2023-38177 | 6.1 | Exploitation More Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36404 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36406 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36428 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36029 | 4.3 | Exploitation Less Likely | Yes | No | No |
The post 5 New Zero-day Vulnerabilities Patched in the Microsoft Security Update appeared first on Cyber Security News.
