Microsoft Patch Tuesday
This month’s Patch Tuesday has security updates to fix one actively exploited zero-day and a total of 97 vulnerabilities.
Fixes for multiple products were released as usual – including seven Critical severity vulnerabilities which allow Remote Code Execution.
The most important patch is:
CVE-2023-28252 – Windows Common Log File System Driver Privilege Escalation Vulnerability. A vulnerability in the Windows CLFS driver allowed escalation to SYSTEM privileges. Kaspersky say they informed Microsoft that this vulnerability was used in Nokoyawa ransomware attacks. CVSS 3.1: 7.8 (High)
The patches this month break down as follows:
- 45 Remote Code Execution
- 20 Privilege Escalation
- 10 Information Disclosure
- 6 Spoofing
- 9 Denial of Service
- 8 Security Feature Bypass
Affected Products
- .NET Core
- Azure Machine Learning
- Azure Service Connector
- Microsoft Bluetooth Driver
- Microsoft Defender for Endpoint
- Microsoft Dynamics
- Microsoft Dynamics 365 Customer Voice
- Microsoft Edge (Chromium-based)
- Microsoft Graphics Component
- Microsoft Message Queuing
- Microsoft Office
- Microsoft Office Publisher
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft PostScript Printer Driver
- Microsoft Printer Drivers
- Microsoft WDAC OLE DB provider for SQL
- Microsoft Windows DNS
- Visual Studio
- Visual Studio Code
- Windows Active Directory
- Windows ALPC
- Windows Ancillary Function Driver for WinSock
- Windows Boot Manager
- Windows Clip Service
- Windows CNG Key Isolation Service
- Windows Common Log File System Driver
- Windows DHCP Server
- Windows Enroll Engine
- Windows Error Reporting
- Windows Group Policy
- Windows Internet Key Exchange (IKE) Protocol
- Windows Kerberos
- Windows Kernel
- Windows Layer 2 Tunneling Protocol
- Windows Lock Screen
- Windows Netlogon
- Windows Network Address Translation (NAT)
- Windows Network File System
- Windows Network Load Balancing
- Windows NTLM
- Windows PGM
- Windows Point-to-Point Protocol over Ethernet (PPPoE)
- Windows Point-to-Point Tunneling Protocol
- Windows Raw Image Extension
- Windows RDP Client
- Windows Registry
- Windows RPC API
- Windows Secure Boot
- Windows Secure Channel
- Windows Secure Socket Tunneling Protocol (SSTP)
- Windows Transport Security Layer (TLS)
- Windows Win32K