In November 2023 [1] [4] [5] [6], Microsoft released its Patch Tuesday updates, addressing a total of 58 vulnerabilities in its Windows operating systems and related software [3]. This update included both actively exploited vulnerabilities and publicly disclosed zero-day bugs.
Description
Among the vulnerabilities addressed in the November 2023 update were five zero-day flaws, three of which were actively exploited in attacks [2]. These actively exploited vulnerabilities involved elevation of privilege and security feature bypass.
The first flaw, CVE-2023-36025 [1] [3] [5] [6], allowed attackers to bypass the Windows SmartScreen Security feature by tricking users into clicking on a malicious link.
The second flaw, CVE-2023-36033 [1] [3] [5] [6], affected the “DWM Core Library” in Microsoft Windows and could be exploited locally without high-level privileges or user interaction [3], granting attackers SYSTEM-level privileges.
The third flaw, CVE-2023-36036 [1] [3] [5] [6], affected the “Windows Cloud Files Mini Filter Driver” and also allowed attackers to gain SYSTEM privileges [3] [5].
In addition to the actively exploited vulnerabilities, Microsoft also addressed three other publicly disclosed zero-day bugs in the November 2023 update. These bugs include a Microsoft Office Security Feature Bypass Vulnerability and an ASP.NET Core Denial of Service Vulnerability [4]. However, two of the publicly disclosed bugs [1] [2] [4], CVE-2023-36413 and CVE-2023-36038 [1], were not actively exploited in attacks [1] [2].
Furthermore, Microsoft patched several new Exchange vulnerabilities [3], including CVE-2023-36439 [3] [6], which enabled attackers to install malicious software on an Exchange server [3]. It is important to note that this particular vulnerability required the attacker to be authenticated to the target’s local network.
Conclusion
Overall, the November 2023 update from Microsoft addressed a range of vulnerabilities, including actively exploited flaws and publicly disclosed bugs. While the update was smaller in scale compared to the previous month, it highlights the ongoing need for vigilance in maintaining the security of Windows operating systems and related software. Users should ensure they apply the necessary patches and updates to mitigate the risks associated with these vulnerabilities.
References
[1] https://vulnera.com/newswire/microsofts-november-2023-patch-tuesday-addresses-58-flaws-and-5-zero-days/
[2] https://blog.cyberconvoy.com/microsoft-november-2023-patch-tuesday-fixes-5-zero-days-58-flaws/
[3] https://krebsonsecurity.com/2023/11/microsoft-patch-tuesday-november-2023-edition/
[4] https://cyber.vumetric.com/security-news/2023/11/14/microsoft-november-2023-patch-tuesday-fixes-5-zero-days-58-flaws/
[5] https://blog.talosintelligence.com/microsoft-patch-tuesday-november-2023/
[6] https://www.darkreading.com/vulnerabilities-threats/microsoft-zero-days-allow-defender-bypass-privilege-escalation