Today is Microsoft’s November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
While fourteen remote code execution (RCE) bugs were fixed, Microsoft only rated one as critical. The three critical flaws fixed today are an Azure information disclosure bug, an RCE in Windows Internet Connection Sharing (ICS), and a Hyper-V escape flaw that allows the execution of programs on the host with SYSTEM privileges.
The number of bugs in each vulnerability category is listed below:
- 26 Elevation of Privilege Vulnerabilities
- 3 Security Feature Bypass Vulnerabilities
- 45 Remote Code Execution Vulnerabilities
- 12 Information Disclosure Vulnerabilities
- 17 Denial of Service Vulnerabilities
- 1 Spoofing Vulnerabilities
The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5032190 cumulative update and Windows 10 KB5032189 cumulative update.
Five zero-days fixed
This month’s Patch Tuesday fixes five zero-day vulnerabilities, with three exploited in attacks and three publicly disclosed.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The three actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited Windows Cloud Files Mini Filter Driver Elevation of Privilege bug.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.
It is not known how the flaw was abused in attacks or by what threat actor.
The flaw was discovered internally by Microsoft Threat Intelligence and the Microsoft Security Response Center.
CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited and publicly disclosed Windows DWM Core Library vulnerability that can be used to elevate privileges to SYSTEM.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.
Microsoft says that the flaw was discovered by Quan Jin (@jq0904) with DBAPPSecurity WeBin Lab but did not share details on how it was used in attacks.
CVE-2023-36025 – Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft has fixed an actively exploited Windows SmartScreen flaw that allows a malicious Internet Shortcut to bypass security checks and warnings.
“The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts,” explains Microsoft.
“The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be compromised by the attacker,” continues Microsoft.
Microsoft says that the flaw was discovered by Will Metcalf (Splunk), Microsoft Threat Intelligence, and the Microsoft Office Product Group Security Team.
BleepingComputer contacted Splunk about the flaw to learn how it was exploited.
In addition, Microsoft says that two other publicly disclosed zero-day bugs, ‘CVE-2023-36413 – Microsoft Office Security Feature Bypass Vulnerability’ and the ‘CVE-2023-36038 — ASP.NET Core Denial of Service Vulnerability,’ were also fixed as part of today’s Patch Tuesday.
However, Microsoft says that they were not actively exploited in attacks.
Recent updates from other companies
Other vendors who released updates or advisories in November 2023 include:
The November 2023 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the November 2023 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET Framework | CVE-2023-36049 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Important |
ASP.NET | CVE-2023-36560 | ASP.NET Security Feature Bypass Vulnerability | Important |
ASP.NET | CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | Important |
ASP.NET | CVE-2023-36558 | ASP.NET Core – Security Feature Bypass Vulnerability | Important |
Azure | CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | Critical |
Azure | CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | Important |
Azure | CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | Important |
Azure DevOps | CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
Mariner | CVE-2020-1747 | Unknown | Unknown |
Mariner | CVE-2023-46316 | Unknown | Unknown |
Mariner | CVE-2023-46753 | Unknown | Unknown |
Mariner | CVE-2020-8554 | Unknown | Unknown |
Mariner | CVE-2020-14343 | Unknown | Unknown |
Microsoft Bluetooth Driver | CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability | Important |
Microsoft Dynamics | CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
Microsoft Dynamics | CVE-2023-36007 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability | Important |
Microsoft Dynamics | CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
Microsoft Dynamics | CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
Microsoft Dynamics 365 Sales | CVE-2023-36030 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2023-36014 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2023-5996 | Chromium: CVE-2023-5996 Use after free in WebAudio | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-36022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2023-36027 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2023-36029 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2023-5480 | Chromium: CVE-2023-5480 Inappropriate implementation in Payments | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5856 | Chromium: CVE-2023-5856 Use after free in Side Panel | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5855 | Chromium: CVE-2023-5855 Use after free in Reading Mode | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5854 | Chromium: CVE-2023-5854 Use after free in Profiles | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5859 | Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5858 | Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5857 | Chromium: CVE-2023-5857 Inappropriate implementation in Downloads | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5850 | Chromium: CVE-2023-5850 Incorrect security UI in Downloads | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5849 | Chromium: CVE-2023-5849 Integer overflow in USB | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5482 | Chromium: CVE-2023-5482 Insufficient data validation in USB | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5853 | Chromium: CVE-2023-5853 Incorrect security UI in Downloads | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5852 | Chromium: CVE-2023-5852 Use after free in Printing | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-5851 | Chromium: CVE-2023-5851 Inappropriate implementation in Downloads | Unknown |
Microsoft Edge (Chromium-based) | CVE-2023-36024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2023-36034 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
Microsoft Exchange Server | CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
Microsoft Exchange Server | CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Important |
Microsoft Exchange Server | CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | Important |
Microsoft Exchange Server | CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | Important |
Microsoft Office | CVE-2023-36413 | Microsoft Office Security Feature Bypass Vulnerability | Important |
Microsoft Office | CVE-2023-36045 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2023-36041 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
Microsoft Office SharePoint | CVE-2023-38177 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
Microsoft Remote Registry Service | CVE-2023-36423 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
Microsoft Remote Registry Service | CVE-2023-36401 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
Microsoft WDAC OLE DB provider for SQL | CVE-2023-36402 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
Microsoft Windows Search Component | CVE-2023-36394 | Windows Search Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows Speech | CVE-2023-36719 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | Important |
Open Management Infrastructure | CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability | Important |
Tablet Windows User Interface | CVE-2023-36393 | Windows User Interface Application Core Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2023-36042 | Visual Studio Denial of Service Vulnerability | Important |
Visual Studio Code | CVE-2023-36018 | Visual Studio Code Jupyter Extension Spoofing Vulnerability | Important |
Windows Authentication Methods | CVE-2023-36047 | Windows Authentication Elevation of Privilege Vulnerability | Important |
Windows Authentication Methods | CVE-2023-36428 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Important |
Windows Authentication Methods | CVE-2023-36046 | Windows Authentication Denial of Service Vulnerability | Important |
Windows Cloud Files Mini Filter Driver | CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
Windows Common Log File System Driver | CVE-2023-36424 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows Compressed Folder | CVE-2023-36396 | Windows Compressed Folder Remote Code Execution Vulnerability | Important |
Windows Defender | CVE-2023-36422 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important |
Windows Deployment Services | CVE-2023-36395 | Windows Deployment Services Denial of Service Vulnerability | Important |
Windows DHCP Server | CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability | Important |
Windows Distributed File System (DFS) | CVE-2023-36425 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Important |
Windows DWM Core Library | CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows HMAC Key Derivation | CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | Critical |
Windows Hyper-V | CVE-2023-36427 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
Windows Hyper-V | CVE-2023-36407 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
Windows Hyper-V | CVE-2023-36406 | Windows Hyper-V Information Disclosure Vulnerability | Important |
Windows Hyper-V | CVE-2023-36408 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2023-36705 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Internet Connection Sharing (ICS) | CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
Windows Kernel | CVE-2023-36405 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2023-36404 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2023-36403 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows NTFS | CVE-2023-36398 | Windows NTFS Information Disclosure Vulnerability | Important |
Windows Protected EAP (PEAP) | CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Important |
Windows Scripting | CVE-2023-36017 | Windows Scripting Engine Memory Corruption Vulnerability | Important |
Windows SmartScreen | CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability | Important |
Windows Storage | CVE-2023-36399 | Windows Storage Elevation of Privilege Vulnerability | Important |