Microsoft addresses 61 CVEs including 2 vulnerabilities that were exploited successful the wild.
- 5Critical
- 55Important
- 1Moderate
- 0Low
Microsoft patched 61 CVEs successful its September Patch Tuesday release, with 5 rated critical, 55 rated important and 1 rated moderate.
This month’s update includes patches for:
- .NET and Visual Studio
- .NET Core & Visual Studio
- .NET Framework
- 3D Builder
- 3D Viewer
- Azure DevOps
- Azure HDInsights
- Microsoft Azure Kubernetes Service
- Microsoft Dynamics
- Microsoft Dynamics Finance & Operations
- Microsoft Exchange Server
- Microsoft Identity Linux Broker
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office Outlook
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Streaming Service
- Microsoft Windows Codecs Library
- Visual Studio
- Visual Studio Code
- Windows Cloud Files Mini Filter Driver
- Windows Common Log File System Driver
- Windows Defender
- Windows DHCP Server
- Windows GDI
- Windows Internet Connection Sharing (ICS)
- Windows Kernel
- Windows Scripting
- Windows TCP/IP
- Windows Themes
Remote codification execution (RCE) vulnerabilities accounted for 39.3% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities astatine 27.9%.
CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability
CVE-2023-36761 is an accusation disclosure vulnerability successful Microsoft Word. It was assigned a CVSSv3 people of 6.2 and is rated important. According to Microsoft, it has been exploited successful the chaotic arsenic a zero-day and was publically disclosed anterior to a spot being available. Its find is credited to the Microsoft Threat Intelligence team.
Microsoft says that the preview pane is an onslaught vector, meaning that simply previewing a specially crafted record tin origin the exploit to trigger. Successful exploitation of this flaw would let for the disclosure of New Technology LAN Manager (NTLM) hashes. NTLM hashes could beryllium abused successful NTLM relay oregon pass-the-hash attacks to further an attacker's foothold into an organization.
This is the 2nd zero-day vulnerability disclosed this twelvemonth that could effect successful the disclosure of NTLM hashes. In its March 2023 Patch Tuesday Release, Microsoft patched CVE-2023-23397, an elevation of privilege vulnerability successful Microsoft Outlook that was besides exploited successful the chaotic arsenic a zero-day. According to Microsoft, CVE-2023-23397 was exploited arsenic a zero-day by a Russia-based menace actor.
CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
CVE-2023-36802 is an EoP vulnerability successful the Microsoft Streaming Service Proxy. It was assigned a CVSSv3 people of 7.8 and is rated important. Exploitation of this flaw would assistance an attacker SYSTEM privileges. According to Microsoft, it has been exploited successful the chaotic arsenic a zero-day. Discovery of this flaw is credited to Valentina Palmiotti from IBM X-Force, Quan Jin and ze0r with DBAPPSecurity WeBin Lab and some the Microsoft Security Response Center (MSRC) and Microsoft Threat Intelligence.
Palmiotti said successful a post that a blog and exploit codification for the vulnerability volition “be released soon.”
Just saw that this vulnerability I reported to Microsoft was recovered to beryllium exploited successful the wild. Guess we are looking successful the close places. Blog and exploit codification to beryllium released soon.https://t.co/zCxcs5x8Kb
— chompie (@chompie1337) September 12, 2023
CVE-2023-36744, CVE-2023-36745 and CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36744, CVE-2023-36745 and CVE-2023-36756 are RCE vulnerabilities affecting Microsoft Exchange. Each of these vulnerabilities were fixed CVSSv3 scores of 8.0 and were rated arsenic “Exploitation More Likely” utilizing the Microsoft Exploitability Index. Successful exploitation of these vulnerabilities requires an attacker to authenticate with LAN-access and person valid credentials for an Exchange user.
Including these 3 vulnerabilities, Microsoft has patched 13 different Exchange RCE vulnerabilities successful 2023 frankincense far. Microsoft Exchange continues to beryllium a sought aft people for ransomware groups and precocious persistent menace (APT) actors. In the aftermath of vulnerabilities similar ProxyLogon, ProxyShell and ProxyNotShell, it has go wide that attackers person their sights acceptable connected unpatched Microsoft Exchange Servers.
On August 3, a associated Cybersecurity Advisory (CSA) AA23-215A co-authored by aggregate U.S. and planetary agencies was released to item the top routinely exploited vulnerabilities of 2022. The database contains 42 Common Vulnerabilities and Exposures (CVEs) known to beryllium exploited by malicious actors which included 8 CVE’s affecting Microsoft Exchange Server. Patching of Microsoft Exchange Server vulnerabilities should beryllium a apical precedence for immoderate enactment that utilizes it.
Separately, an accusation disclosure vulnerability, CVE-2023-36777, was besides patched this month. This vulnerability was besides rated arsenic “Exploitation More Likely” and each 4 of these Exchange vulnerabilities were credited to Piotr Bazydlo of Trend Micro’s Zero Day Initiative.
CVE-2023-38143, CVE-2023-38144 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-38143 and CVE-2023-38144 are EoP vulnerabilities successful the Windows Common Log File System (CLFS) Driver. Both CVEs were assigned a CVSSv3 people of 7.8 and are rated arsenic “Exploitation More Likely.” An authenticated attacker could exploit these vulnerabilities to summation SYSTEM privileges.
With the summation of these 2 CVEs, 7 EoP vulnerabilities were discovered successful the Windows CLFS Driver successful 2023, 2 of which were exploited successful the chaotic arsenic zero-days (CVE-2023-23376, CVE-2023-28252).
Tenable Solutions
A database of each the plugins released for Tenable’s September 2023 Patch Tuesday update tin beryllium recovered here. As always, we urge patching systems arsenic soon arsenic imaginable and regularly scanning your situation to place those systems yet to beryllium patched.
For much circumstantial guidance connected champion practices for vulnerability assessments, delight notation to our blog station connected How to Perform Efficient Vulnerability Assessments with Tenable.
Get much information
- Microsoft's September 2023 Security Updates
- Tenable plugins for Microsoft September 2023 Patch Tuesday Security Updates
Join Tenable's Security Response Team connected the Tenable Community.
Learn much astir Tenable One, the Exposure Management Platform for the modern onslaught surface.
Tenable Security Response Team
The Tenable Security Response Team (SRT) tracks menace and vulnerability quality feeds to guarantee our probe teams tin present sensor sum to our products arsenic rapidly arsenic possible. The SRT besides works to analyse and measure method details and writes achromatic papers, blogs and further communications to guarantee stakeholders are afloat informed of the latest risks and threats. The SRT provides breakdowns for the latest vulnerabilities connected the Tenable blog.
Cybersecurity News You Can Use
Enter your email and ne'er miss timely alerts and information guidance from the experts astatine Tenable.
Tenable Vulnerability Management
Formerly Tenable.io
Enjoy afloat entree to a modern, cloud-based vulnerability absorption level that enables you to spot and way each of your assets with unmatched accuracy.
Your Tenable Vulnerability Management proceedings besides includes Tenable Lumin, Tenable Web App Scanning and Tenable Cloud Security.
Tenable Vulnerability Management
Formerly Tenable.io
Enjoy afloat entree to a modern, cloud-based vulnerability absorption level that enables you to spot and way each of your assets with unmatched accuracy. Purchase your yearly subscription today.
65 assets
Choose Your Subscription Option:
Thank You
Thank you for your involvement successful Tenable.io. A typical volition beryllium successful interaction soon.
Try Tenable Nessus Professional Free
FREE FOR 7 DAYS
Tenable Nessus is the astir broad vulnerability scanner connected the marketplace today.
NEW - Tenable Nessus Expert
Now Available
Nessus Expert adds adjacent much features, including outer onslaught aboveground scanning, and the quality to adhd domains and scan unreality infrastructure. Click present to Try Nessus Expert.
Fill retired the signifier beneath to proceed with a Nessus Pro Trial.
Buy Tenable Nessus Professional
Tenable Nessus is the astir broad vulnerability scanner connected the marketplace today. Tenable Nessus Professional volition assistance automate the vulnerability scanning process, prevention clip successful your compliance cycles and let you to prosecute your IT team.
Buy a multi-year licence and save. Add Advanced Support for entree to phone, assemblage and chat enactment 24 hours a day, 365 days a year.
Enjoy afloat entree to a modern, cloud-based vulnerability absorption level that enables you to spot and way each of your assets with unmatched accuracy.
Your Tenable Vulnerability Management proceedings besides includes Tenable Lumin, Tenable Web App Scanning and Tenable Cloud Security.
BUY
Enjoy afloat entree to a modern, cloud-based vulnerability absorption level that enables you to spot and way each of your assets with unmatched accuracy. Purchase your yearly subscription today.
65 assets
Choose Your Subscription Option:
Thank You
Thank you for your involvement successful Tenable.io. A typical volition beryllium successful interaction soon.
Try Tenable Web App Scanning
Formerly Tenable.io Web Application Scanning
Enjoy afloat entree to our latest web exertion scanning offering designed for modern applications arsenic portion of the Tenable One Exposure Management platform. Safely scan your full online portfolio for vulnerabilities with a precocious grade of accuracy without dense manual effort oregon disruption to captious web applications. Sign up now.
Your Tenable Web App Scanning proceedings besides includes Tenable Vulnerability Management, Tenable Lumin and Tenable Cloud Security.
Buy Tenable Web App Scanning
Formerly Tenable.io Web Application Scanning
Enjoy afloat entree to a modern, cloud-based vulnerability absorption level that enables you to spot and way each of your assets with unmatched accuracy. Purchase your yearly subscription today.
Try Tenable Lumin
Visualize and research your vulnerability management, way hazard simplification implicit clip and benchmark against your peers with Tenable Lumin.
Your Tenable Lumin proceedings besides includes Tenable Vulnerability Management, Tenable Web App Scanning and Tenable Cloud Security.
Buy Tenable Lumin
Contact a Sales Representative to spot however Tenable Lumin tin assistance you summation penetration crossed your full enactment and negociate cyber risk.
Thank You
Thank you for your involvement successful Tenable Lumin. A typical volition beryllium successful interaction soon.
Request a demo of Tenable Security Center
Formerly Tenable.sc
Please capable retired this signifier with your interaction information.
A income typical volition interaction you soon to docket a demo.
* Field is required
Request a demo of Tenable OT Security
Formerly Tenable.ot
Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.
Request a demo of Tenable Identity Exposure
Formerly Tenable.ad
Continuously observe and respond to Active Directory attacks. No agents. No privileges.
On-prem and successful the cloud.
Try Tenable Cloud Security
Formerly Tenable.cs
Enjoy afloat entree to observe and hole unreality infrastructure misconfigurations and presumption runtime vulnerabilities. Sign up for your escaped proceedings now. To larn much astir the proceedings process click here.
Your Tenable Cloud Security proceedings besides includes Tenable Vulnerability Management, Tenable Lumin and Tenable Web App Scanning.
Contact a Sales Rep to Buy Tenable Cloud Security
Contact a Sales Representative to larn much astir Tenable Cloud Security and spot however casual it is to onboard your unreality accounts and get visibility into some unreality misconfigurations and vulnerabilities wrong minutes.
Thank You
Thank you for your involvement successful Tenable.cs. A typical volition beryllium successful interaction soon.
See
Tenable One
In Action
Exposure absorption for the modern onslaught surface.
See Tenable Attack Surface Management In Action
Formerly Tenable.asm
Know the vulnerability of each plus connected immoderate platform.
Thank You
Thank you for your involvement successful Tenable Attack Surface Management. A typical volition beryllium successful interaction soon.
Try Tenable Nessus Expert Free
FREE FOR 7 DAYS
Built for the modern onslaught surface, Nessus Expert enables you to spot much and support your enactment from vulnerabilities from IT to the cloud.
Already person Tenable Nessus Professional?
Upgrade to Nessus Expert escaped for 7 days.
Buy Tenable Nessus Expert
Built for the modern onslaught surface, Nessus Expert enables you to spot much and support your enactment from vulnerabilities from IT to the cloud.
Try Nessus Expert Free
FREE FOR 7 DAYS
Built for the modern onslaught surface, Nessus Expert enables you to spot much and support your enactment from vulnerabilities from IT to the cloud.
Already person Nessus Professional?
Upgrade to Nessus Expert escaped for 7 days.
Buy Tenable Nessus Expert
Built for the modern onslaught surface, Nessus Expert enables you to spot much and support your enactment from vulnerabilities from IT to the cloud.
English (US)