Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Webinar Library

Latest Blogs

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Cracking AD Passwords with NTDSXtract, Dsusers.py and John the Ripper

Cracking local windows passwords with Mimikatz, LSA dump and Hashcat

Top Resources

Security Log

Additional Resources

September, 2023: Patch Tuesday - Two Zero Days; Five Critical

Since our last Patch Tuesday newsletter in August, Microsoft has released updates for 98 vulnerabilities with 63 of those being released today. Just like last month we have two zero days this month currently being exploited; CVE-2023-36802 and CVE-2023-36761. CVE-2023-36802 is exploited but not publicly disclosed and could allow an attacker who is successful to gain SYSTEM privileges. CVE-2023-36761 is both publicly disclosed and being exploited. A successful exploit could allow an attacker access to NTLM hashes. Both of these should be updated immediately. The only other thing to mention are five updates that are rated as critical. These are CVE-2023-29332, CVE-2023-36792, CVE-2023-36793, CVE-2023-36796 and CVE-2023-38148. Besides our two zero days and these five criticals, there isn't much excitement with this months Patch Tuesday.

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 Server 2008 SP2, 2008R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations	Critical	CVE-2023-35355 CVE-2023-36801 CVE-2023-36802* CVE-2023-36803 CVE-2023-36804 CVE-2023-36805 CVE-2023-38139 CVE-2023-38140 CVE-2023-38141 CVE-2023-38142 CVE-2023-38143 CVE-2023-38144 CVE-2023-38146 CVE-2023-38147 CVE-2023-38148 CVE-2023-38149 CVE-2023-38150 CVE-2023-38152 CVE-2023-38160 CVE-2023-38161 CVE-2023-38162	Workaround: No Exploited: Yes* Public: No	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass
Edge	Chromium-based For iOS and Android	Moderate	CVE-2023-2312 CVE-2023-36741 CVE-2023-36787 CVE-2023-38158 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353 CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-4357 CVE-2023-4358 CVE-2023-4359 CVE-2023-4360 CVE-2023-4361 CVE-2023-4362 CVE-2023-4363 CVE-2023-4364 CVE-2023-4365 CVE-2023-4366 CVE-2023-4367 CVE-2023-4368 CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 CVE-2023-4572 CVE-2023-4761 CVE-2023-4762 CVE-2023-4763 CVE-2023-4764 CVE-2023-4863	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure
Office	365 Apps for Enterprise Excel/Word/OneNote 2013 RT SP1, 2013 SP1, 2016 Outlook 2016 2013 RT SP1, 2013 SP1, 2016, 2019, LTSC 2021 2019 for Mac, LTSC for Mac 2021 Online Server	Moderate	CVE-2023-36761* CVE-2023-36762 CVE-2023-36763 CVE-2023-36765 CVE-2023-36766 CVE-2023-36767 CVE-2023-36769 CVE-2023-41764	Workaround: No Exploited: Yes* *Public: Yes*	Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
SharePoint	Enterprise Server 2016 Server 2019 Server Subscription Edition	Important	CVE-2023-36762 CVE-2023-36764	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
.NET	6 and 7 .NET Framework 2.0 SP2, 3.0 SP2, 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1	Critical	CVE-2023-36788 CVE-2023-36792 CVE-2023-36793 CVE-2023-36794 CVE-2023-36796 CVE-2023-36799	Workaround: No Exploited: No Public: No	Denial of Service Remote Code Execution
Visual Studio	2022 17.7 and earlier 2019 16.11 and earlier 2017 15.9 and earlier VS Code	Critical	CVE-2023-36742 CVE-2023-36758 CVE-2023-36759 CVE-2023-36792 CVE-2023-36793 CVE-2023-36794 CVE-2023-36796 CVE-2023-36799 CVE-2023-39956	Workaround: No Exploited: No Public: No	Denial of Service Elevation of Privilege Remote Code Execution
Dynamics 365	On-Premises 9.0 & 9.1 Finance and Operations	Important	CVE-2023-36800 CVE-2023-36886 CVE-2023-38164	Workaround: No Exploited: No Public: No	Spoofing
Exchange	Server 2016 CU23 Server 2019 CU12 & CU13	Important	CVE-2023-36744 CVE-2023-36745 CVE-2023-36756 CVE-2023-36757 CVE-2023-36777	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution Spoofing
Azure	DevOps Server 2020.0.2, 2020.1.2, 2019.1.2, 2019.0.1 MS Identity Linux Broker HDInsights Kubernetes Service	Critical	CVE-2023-29332 CVE-2023-33136 CVE-2023-36736 CVE-2023-38155 CVE-2023-38156	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
System Center	MS Defender Security Intelligence Updates	Important	CVE-2023-38163	Workaround: No Exploited: No Public: No	Security Feature Bypass
Apps	3D Viewer 3D Builder	Important	CVE-2022-41303 CVE-2023-36739 CVE-2023-36740 CVE-2023-36760 CVE-2023-36770 CVE-2023-36771 CVE-2023-36772 CVE-2023-36773	Workaround: No Exploited: No Public: No	Remote Code Execution

Send me this chart next Patch Tuesday.

User name:
Password:
	/ Forgot?
	Register

September 2023 Patch Monday	"Patch Tuesday - Two Zero Days; Five Critical " - sponsored by LOGbinder

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2023 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.