Microsoft has patched a complete of 74 flaws in its software program as a part of the corporate’s Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the corporate fastened final month.
This contains six Essential, 67 Necessary, and one Average severity vulnerabilities. Launched together with the security enhancements are two defense-in-depth updates for Microsoft Workplace (ADV230003) and the Reminiscence Integrity System Readiness Scan Software (ADV230004).
The updates are additionally along with 30 points addressed by Microsoft in its Chromium-based Edge browser since final month’s Patch Tuesday version and one side-channel flaw impacting sure processor fashions supplied by AMD (CVE-2023-20569 or Inception).
ADV230003 issues an already recognized security flaw tracked as CVE-2023-36884, a distant code execution vulnerability in Workplace and Home windows HTML that has been actively exploited by the Russia-linked RomCom risk actor in assaults concentrating on Ukraine in addition to pro-Ukraine targets in Jap Europe and North America.
Microsoft mentioned that putting in the most recent replace “stops the assault chain” resulting in the distant code execution bug.
The opposite defense-in-depth replace for the Reminiscence Integrity System Readiness scan instrument, which is used to test for compatibility points with reminiscence integrity (aka hypervisor-protected code integrity or HVCI), takes care of a publicly recognized bug whereby the “unique model was revealed and not using a RSRC part, which accommodates useful resource info for a module.”
Additionally patched by the tech large are quite a few distant code execution flaws in Microsoft Message Queuing (MSMQ) and Microsoft Groups in addition to plenty of spoofing vulnerabilities in Azure Apache Ambari, Azure Apache Hadoop, Azure Apache Hive, Azure Apache Oozie, Azure DevOps Server, Azure HDInsight Jupyter, and .NET Framework.
On high of that, Redmond has resolved six denial-of-service (DoS) and two info disclosure flaws in MSMQ, and follows plenty of different issues found in the identical service that might end in distant code execution and DoS.
Three different vulnerabilities of word are CVE-2023-35388, CVE-2023-38182 (CVSS scores: 8.0), and CVE-2023-38185 (CVSS rating: 8.8) – distant code execution flaws in Alternate Server – the primary two of which have been tagged with an “Exploitation Extra Seemingly” evaluation.
“The exploitation of CVE-2023-35388 and CVE-2023-38182 is considerably restricted due to the necessity for an adjoining assault vector and legitimate Alternate credentials,” Natalie Silva, lead content material engineer at Immersive Labs, mentioned.
“This implies the attacker must be linked to your inner community and be capable to authenticate as a legitimate Alternate consumer earlier than they’ll exploit these vulnerabilities. Any one that achieves this may perform distant code execution utilizing a PowerShell remoting session.”
Microsoft additional acknowledged the supply of a proof-of-concept (PoC) exploit for a DoS vulnerability in .NET and Visible Studio (CVE-2023-38180, CVSS rating: 7.5), noting that the “code or method will not be practical in all conditions and will require substantial modification by a talented attacker.”
Lastly, the replace additionally contains patches for 5 privilege escalation flaws within the Home windows Kernel (CVE-2023-35359, CVE-2023-35380, CVE-2023-35382, CVE-2023-35386, and CVE-2023-38154, CVSS scores: 7.8) that could possibly be weaponized by a risk actor with native entry to the goal machine to achieve SYSTEM privileges.
Software program Patches from Different Distributors
Along with Microsoft, security updates have additionally been launched by different distributors over the previous a number of weeks to rectify a number of vulnerabilities, together with —
