Microsoft releases 69 fixes this month including 6 Critical and 4 CVSS Rated 9.8

There are 6 Critical, 60 Important, 2 Moderate and a single Low severity fix this month.  Microsoft Windows, Windows Components, Office and Office Components, Exchange Server, Microsoft Edge (Chromium-based), SharePoint Server, .NET and Visual Studio, Microsoft Teams and the Remote Desktop Client have all received fixes this month.

Robert Brown, Head of Customer Success for Syxsense said, “We have 4 patches that resolve vulnerabilities which have a CVSS score of more than 9 (Critical) and if you count all the individual CVSS scores together, June has a combined CVSS score of 500.2 up from 275.3 last month.”

Based on the Vendor Severity & CVSS Score, we have made a few recommendations below.  As usual we recommend our customers enter the CVE numbers below into your Patch Management solution and deploy as soon as testing is complete.

CVE-2023-29357 – Microsoft SharePoint Server Elevation of Privilege Vulnerability
An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user.

Note:  The vulnerability is More Likely to be Exploited

Syxscore
  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: Yes
Syxscore Risk
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged / No

 

CVE-2023-29363 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: Yes
Syxscore Risk
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged / No

 

CVE-2023-32009 – Windows Collaborative Translation Framework Elevation of Privilege Vulnerability
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

  • Vendor Severity: Important
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No
Syxscore Risk
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Changed / Yes
Reference Description Vendor Severity CVSS Score Weaponized Publicly Aware Countermeasure Additional Details Impact Exploitability Assessment
CVE-2023-29357 Microsoft SharePoint Server Elevation of Privilege Vulnerability Critical 9.8 No No Customers who have enabled the AMSI integration feature and use Microsoft Defender across their SharePoint Server farm(s) are protected from this vulnerability. Elevation of Privilege Exploitation More Likely
CVE-2023-29363 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical 9.8 No No None The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. Remote Code Execution Exploitation Less Likely
CVE-2023-32014 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical 9.8 No No None The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. Remote Code Execution Exploitation Less Likely
CVE-2023-32015 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical 9.8 No No None The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. Remote Code Execution Exploitation Less Likely
CVE-2023-29362 Remote Desktop Client Remote Code Execution Vulnerability Important 8.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29372 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important 8.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29373 Microsoft ODBC Driver Remote Code Execution Vulnerability Important 8.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32009 Windows Collaborative Translation Framework Elevation of Privilege Vulnerability Important 8.8 No No None Scope: Changed
Jump Point: True
Elevation of Privilege Exploitation Less Likely
CVE-2023-32031 Microsoft Exchange Server Remote Code Execution Vulnerability Important 8.8 No No None Remote Code Execution Exploitation More Likely
CVE-2023-33131 Microsoft Outlook Remote Code Execution Vulnerability Important 8.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29351 Windows Group Policy Elevation of Privilege Vulnerability Important 8.1 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-24936 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Moderate 8.1 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-28310 Microsoft Exchange Server Remote Code Execution Vulnerability Important 8.0 No No None Remote Code Execution Exploitation More Likely
CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Critical 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-24895 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29326 .NET Framework Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29346 NTFS Elevation of Privilege Vulnerability Important 7.8 No No None An attacker who successfully exploited this vulnerability could gain administrator privileges. Elevation of Privilege Exploitation Less Likely
CVE-2023-29358 Windows GDI Elevation of Privilege Vulnerability Important 7.8 No No None Elevation of Privilege Exploitation More Likely
CVE-2023-29359 GDI Elevation of Privilege Vulnerability Important 7.8 No No None An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Elevation of Privilege Exploitation More Likely
CVE-2023-29360 Windows TPM Device Driver Elevation of Privilege Vulnerability Important 7.8 No No None An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Elevation of Privilege Exploitation More Likely
CVE-2023-29365 Windows Media Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29366 Windows Geolocation Service Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29367 iSCSI Target WMI Provider Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29370 Windows Media Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-29371 Windows GDI Elevation of Privilege Vulnerability Important 7.8 No No None An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Elevation of Privilege Exploitation More Likely
CVE-2023-32008 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32017 Microsoft PostScript Printer Driver Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32018 Windows Hello Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32029 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-33137 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-33146 Microsoft Office Remote Code Execution Vulnerability Important 7.8 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32022 Windows Server Service Security Feature Bypass Vulnerability Important 7.6 No No None Only AD-detached clusters are affected by this vulnerability. Security Feature Bypass Exploitation Less Likely
CVE-2023-29331 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Important 7.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-32011 Windows iSCSI Discovery Service Denial of Service Vulnerability Important 7.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-32030 .NET and Visual Studio Denial of Service Vulnerability Important 7.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-33141 Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability Important 7.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-33126 .NET and Visual Studio Remote Code Execution Vulnerability Important 7.3 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-33128 .NET and Visual Studio Remote Code Execution Vulnerability Important 7.3 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-33130 Microsoft SharePoint Server Spoofing Vulnerability Important 7.3 No No None Spoofing Exploitation Less Likely
CVE-2023-33133 Microsoft Excel Remote Code Execution Vulnerability Important 7.3 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-33135 .NET and Visual Studio Elevation of Privilege Vulnerability Important 7.3 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-21565 Azure DevOps Server Spoofing Vulnerability Important 7.1 No No None Spoofing Exploitation Less Likely
CVE-2023-29337 NuGet Client Remote Code Execution Vulnerability Important 7.1 No No None Remote Code Execution Exploitation Less Likely
CVE-2023-32021 Windows SMB Witness Service Security Feature Bypass Vulnerability Important 7.1 No No None Security Feature Bypass Exploitation Less Likely
CVE-2023-29361 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important 7.0 No No None An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Elevation of Privilege Exploitation More Likely
CVE-2023-29364 Windows Authentication Elevation of Privilege Vulnerability Important 7.0 No No None An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Elevation of Privilege Exploitation Less Likely
CVE-2023-29368 Windows Filtering Platform Elevation of Privilege Vulnerability Important 7.0 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-32010 Windows Bus Filter Driver Elevation of Privilege Vulnerability Important 7.0 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-32013 Windows Hyper-V Denial of Service Vulnerability Critical 6.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-24937 Windows CryptoAPI  Denial of Service Vulnerability Important 6.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-24938 Windows CryptoAPI  Denial of Service Vulnerability Important 6.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-29352 Windows Remote Desktop Security Feature Bypass Vulnerability Important 6.5 No No None Security Feature Bypass Exploitation Less Likely
CVE-2023-29369 Remote Procedure Call Runtime Denial of Service Vulnerability Important 6.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-32032 .NET and Visual Studio Elevation of Privilege Vulnerability Important 6.5 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-33129 Microsoft SharePoint Denial of Service Vulnerability Important 6.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-33140 Microsoft OneNote Spoofing Vulnerability Important 6.5 No No None Spoofing Exploitation Less Likely
CVE-2023-33142 Microsoft SharePoint Server Elevation of Privilege Vulnerability Important 6.5 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-32012 Windows Container Manager Service Elevation of Privilege Vulnerability Important 6.3 No No None Elevation of Privilege Exploitation Less Likely
CVE-2023-33132 Microsoft SharePoint Server Spoofing Vulnerability Important 6.3 No No None Spoofing Exploitation Less Likely
CVE-2023-32016 Windows Installer Information Disclosure Vulnerability Important 5.5 No No None Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Information Disclosure Exploitation Less Likely
CVE-2023-33139 Visual Studio Information Disclosure Vulnerability Important 5.5 No No None Information Disclosure Exploitation Less Likely
CVE-2023-21569 Azure DevOps Server Spoofing Vulnerability Moderate 5.5 No No None Spoofing Exploitation Less Likely
CVE-2023-29353 Sysinternals Process Monitor for Windows Denial of Service Vulnerability Low 5.5 No No None Denial of Service Exploitation Less Likely
CVE-2023-24896 Dynamics Finance and Operations Cross-site Scripting Vulnerability Important 5.4 No No None Scope: Changed
Jump Point: True
Spoofing Exploitation Less Likely
CVE-2023-29355 DHCP Server Service Information Disclosure Vulnerability Important 5.3 No No Customers who have not configured their DHCP server as a failover are not affected by this vulnerability. Information Disclosure Exploitation Less Likely
CVE-2023-33144 Visual Studio Code Spoofing Vulnerability Important 5.0 No No None Spoofing Exploitation Less Likely
CVE-2023-32019 Windows Kernel Information Disclosure Vulnerability Important 4.7 No No None Information Disclosure Exploitation Less Likely
CVE-2023-32020 Windows DNS Spoofing Vulnerability Important 3.7 No No None Spoofing Exploitation Less Likely
CVE-2023-32024 Microsoft Power Apps Spoofing Vulnerability Important 3.0 No No None Spoofing Exploitation Less Likely