Mastodawn

Sep 13, 2023

A summarized report I made of several sources regarding patchDay

This month we got patches for 66 vulnerabilities. Of these, 5 are critical, and 2 are already being exploited.
🔒 #InfoSec Update: #PatchDay Summary 🛡️

📊 Overview:

Total patches: 66
Critical: 5
Actively exploited: 2

🚨 Exploited Vulnerabilities:

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability (CVE-2023-36802).

successfully exploiting this vulnerability could gain SYSTEM privileges.
The CVSS is 6.8.
Details:
The vulnerability is currently awaiting further analysis. The CVSS 3.x severity and metrics have been provided by the Microsoft Corporation. The base score indicates that the vulnerability is of high severity. The vector string suggests that the vulnerability requires local access (AV:L), has a low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), has an unchanged scope (S:U), and can lead to high confidentiality, integrity, and availability impacts (C:H/I:H/A:H).

Microsoft Word Information Disclosure Vulnerability (CVE-2023-36761).

The Preview Pane is an attack vector
exploiting this vulnerability could allow the disclosure of NTLM hashes.
Details:
The vulnerability is currently awaiting further analysis. The CVSS 3.x severity and metrics have been provided by the Microsoft Corporation, and the base score indicates that the vulnerability is of medium severity. The vector string suggests that the vulnerability requires local access (AV:L), has a low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), has an unchanged scope (S:U), and can lead to high confidentiality impact (C:H) without affecting integrity (I:N) or availability (A:N).

🔥 Critical Vulnerabilities:

a Remote Code Execution (RCE) vulnerability on Internet Connection Sharing (ICS) (CVE-2023-38148).

an unauthorized attacker could exploit this vulnerability by sending a specially crafted network packet to the Internet Connection Sharing (ICS) Service.
requires no user interaction
no privileges.
The CVSS is 8.8 - the highest for this month.
Affected Systems:
- Windows Server 2022
- Windows Server 2022 (Server Core installation)
- Windows 11 version 21H2 for x64-based Systems
- Windows 11 version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 11 Version 22H2 for ARM64-based Systems
- Windows 11 Version 22H2 for x64-based Systems
- Windows 10 Version 22H2 for x64-based Systems
- Windows 10 Version 22H2 for ARM64-based Systems
- Windows 10 Version 22H2 for 32-bit Systems

a RCE affecting Visual Studio (CVE-2023-36793).

- second highest CVSS this month
- To exploit an attacker would have to convince a user to open a maliciously crafted package file in Visual Studio.
- exists in Visual Studio's DiaSymReader.dll. When this DLL reads a corrupted PDB (Program Database) file, it can lead to arbitrary code execution on the affected system.
- The CVSS is 7.8.
- Affected Systems:
- Visual Studio 2019

Stay vigilant and ensure your systems are updated! 💻🔧 #CyberSecurity #Vulnerabilities #MicrosoftPatches