Table of Contents
  • Home
  • /
  • Blog
  • /
  • Breaking Down the Latest August 2023 Patch Tuesday Report
November 16, 2023
|
12m

Breaking Down the Latest August 2023 Patch Tuesday Report


Breaking Down The Latest August 2023 Patch Tuesday Report

The August 2023 Patch Tuesday report has been released, providing critical information for organizations and individuals to address security vulnerabilities and software updates. This monthly event plays a crucial role in maintaining the security and stability of the Windows operating system and various other software products people rely on. In this article, we’ll break down the key highlights of the August 2023 Patch Tuesday report, focusing on the most pressing concerns for users and administrators.

Notably, Microsoft has released fixes for 88 vulnerabilities in August 2023 Patch Tuesday report, out of which 6 were rated Critical. Microsoft also warned about the active exploitation of 1 vulnerability. Again, as with other Patch Tuesday reports, Remote Code Execution (RCE) vulnerability has topped the list with 23 occurrences in the list of vulnerabilities. Let’s break down what is there in the report that Microsoft released on 8th August.

Key Highlights- Patch Tuesday August 2023

Two of the flaws are zero-day vulnerabilities, one of which is being actively exploited in the wild. In addition to the RCE flaws, this release covers privilege escalation bugs, information disclosure issues, spoofing weaknesses, and denial of service vulnerabilities across a wide range of Microsoft products.

Key affected products include Windows, Internet Explorer, Office, Exchange Server, SQL Server, Visual Studio, and Microsoft Dynamics. Administrators and end users are advised to apply these security updates as soon as possible to ensure systems are not vulnerable to any of the fixed flaws.

Key Highlights are:

  • Microsoft’s August’s 2023 Patch Tuesday included updates for 88 security flaws, including two Security Advisories and 12 browser vulnerabilities.

  • 2 of them are Zero-Days, with one publicly disclosed.

  • The patch covered 23 Remote Code Execution (RCE) vulnerabilities, 6 of which were rated as ‘Critical.’The 2 zero-day vulnerabilities patched are:

    • CVE-2023-38180 – Actively exploited ASP.NET zero-day denial of service vulnerability

    • CVE-2023-36884 – Previously disclosed Windows zero-day vulnerability

Vulnerabilities by Category

The complete list of 88 vulnerabilities is classified into six categories. Remote Code Execution Vulnerability has been identified as the most common vulnerability, occurring 23 times, while Security Feature Bypass is the least frequent vulnerability, occurring only 3 times. Please refer to the below chart for complete details on all categories of vulnerabilities: 

Elevation of Privilege vulnerabilitiesCVE-2023-38176
CVE-2023-35359
CVE-2023-36876
CVE-2023-38167
CVE-2023-36869
CVE-2023-35390
CVE-2023-36899
CVE-2023-36873
CVE-2023-36904
CVE-2023-36900
CVE-2023-38175
CVE-2023-38186
CVE-2023-35378
CVE-2023-38154
CVE-2023-35382
CVE-2023-35386
CVE-2023-35380
Security Feature Bypass vulnerabilitiesCVE-2023-38157
CVE-2023-35384
Remote Code Execution vulnerabilitiesCVE-2023-38185
CVE-2023-35388
CVE-2023-35368
CVE-2023-29328
CVE-2023-29330
CVE-2023-36895
CVE-2023-36896
CVE-2023-35371
CVE-2023-38169
CVE-2023-36898
CVE-2023-38170
CVE-2023-32051
CVE-2023-35303
CVE-2023-38184
CVE-2023-35315
CVE-2023-35297
CVE-2023-300
CVE-2023-36910
CVE-2023-36911
CVE-2023-35385
Information Disclosure vulnerabilitiesCVE-2023-35391
CVE-2023-36890
CVE-2023-36894
CVE-2023-36905
CVE-2023-36907
CVE-2023-36906
CVE-2023-35383
CVE-2023-36913
Denial of Service vulnerabilitiesCVE-2023-38180
CVE-2023-38178
CVE-2023-36909
CVE-2023-35376
CVE-2023-38172
CVE-2023-38254
CVE-2023-35377
Spoofing vulnerabilitiesCVE-2023-38181
CVE-2023-36893
CVE-2023-36891
CVE-2023-36892
CVE-2023-35394
CVE-2023-35393
CVE-2023-36881
CVE-2023-36877
CVE-2023-38188

List of Products Patched in August 2023 Patch Tuesday Report

Microsoft’s August 2023 Patch Tuesday includes updates for a broad range of its products, applications, and services. Here are the applications and product components that have received patches:

  • NET Core

  • .NET Framework

  • ASP.NET

  • ASP.NET and Visual Studio

  • Azure Arc

  • Azure DevOps

  • Azure HDInsights

  • Dynamics Business Central Control

  • Memory Integrity System Readiness Scan Tool

  • Microsoft Dynamics

  • Microsoft Exchange Server

  • Microsoft Office

  • Microsoft Office Excel

  • Microsoft Office Outlook

  • Microsoft Office SharePoint

  • Microsoft Office Visio

  • Microsoft Teams

  • Microsoft WDAC OLE DB provider for SQL

  • Microsoft Windows Codecs Library

  • Reliability Analysis Metrics Calculation Engine

  • Role: Windows Hyper-V

  • SQL Server

  • Tablet Windows User Interface

  • Windows Bluetooth A2DP driver

  • Windows Cloud Files Mini Filter Driver

  • Windows Common Log File System Driver

  • Windows Cryptographic Services

  • Windows Defender

  • Windows Fax and Scan Service

  • Windows Group Policy

  • Windows HTML Platform

  • Windows Kernel

  • Windows LDAP – Lightweight Directory Access Protocol

  • Windows Message Queuing

  • Windows Mobile Device Management

  • Windows Projected File System

  • Windows Reliability Analysis Metrics Calculation Engine

  • Windows Smart Card

  • Windows System Assessment Tool

  • Windows Wireless Wide Area Network Service

List of Actively Exploited Vulnerabilities Patched in August 2023 Patch Tuesday

Microsoft patched an actively exploited zero-day denial of service (DoS) vulnerability, CVE-2023-38180, affecting ASP.NET Core. This vulnerability can lead to denial of service in Kestrel web server if exploited. Microsoft notes that reverse proxies and web application firewalls can help mitigate such attacks.

Here is a list of the actively exploited vulnerabilities patched in the August 2023 Patch Tuesday:

  • ADV230003 – Microsoft Office Defense in Depth Update

  • CVE-2023-38180 – .NET and Visual Studio Denial of Service Vulnerability

List of Critical Vulnerabilities Patched in August 2023 Patch Tuesday

The August Patch Tuesday addressed 6 critical-rated vulnerabilities that deserve close attention:

Sl. NoCVE IDSeverityCVSSDescriptionActively ExploitedPatch status
1CVE-2023-29328Important8.8Remote Code Execution Vulnerability in Microsoft TeamsNoAvailable
2CVE-2023-29330Important8.8Remote Code Execution Vulnerability in Microsoft TeamsNoAvailable
3CVE-2023-36895Important7.8Remote Code Execution Vulnerability in Microsoft OutlookNoAvailable
4CVE-2023-36910Critical9.8Remote Code Execution Vulnerability in Microsoft Message QueuingNoAvailable
5CVE-2023-36911Critical9.8Remote Code Execution Vulnerability in Microsoft Message QueuingNoAvailable
6CVE-2023-35385Critical9.8Remote Code Execution Vulnerability in Microsoft Message QueuingNoAvailable

CVE-2023-29328 and CVE-2023-29330 – Microsoft Teams Remote Code Execution Vulnerability

These two critical RCE flaws in Microsoft Teams allow an attacker to execute arbitrary code through specially crafted Teams meeting invites. The vulnerabilities are exploitable, with no user interaction required beyond joining the malicious meeting. Microsoft has rated them as “exploitation less likely” due to the difficulty in exploiting them.

CVE-2023-36895 – Microsoft Outlook Remote Code Execution Vulnerability

This critical vulnerability in Microsoft Outlook can let a remote attacker execute arbitrary code on the target system by convincing the user to open a specially crafted file. Microsoft rates the exploitability as low.

CVE-2023-36910, CVE-2023-36911, CVE-2023-35385 – Windows Message Queuing Service Remote Code Execution

These three critical vulnerabilities in the Windows Message Queuing Service, if successfully exploited, can enable remote code execution on vulnerable systems. While concerning, the service needs to be explicitly enabled and accessible through TCP port 1801 for exploitation.

Complete List of Vulnerabilities Patched in August 2023 Patch Tuesday Are

If you wish to download the complete list of vulnerabilities patched in August 2023 Patch Tuesday, you can do it from here. 

Azure vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-38176Azure Arc-Enabled Servers Elevation of Privilege VulnerabilityNoNo7
CVE-2023-35394Azure HDInsight Jupyter Notebook Spoofing VulnerabilityNoNo4.6
CVE-2023-36877Azure Apache Oozie Spoofing VulnerabilityNoNo4.5
CVE-2023-35393Azure Apache Hive Spoofing VulnerabilityNoNo4.5
CVE-2023-38188Azure Apache Hadoop Spoofing VulnerabilityNoNo4.5
CVE-2023-36881Azure Apache Ambari Spoofing VulnerabilityNoNo4.5

Azure Developer Tools vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-36869Azure DevOps Server Spoofing VulnerabilityNoNo6.3

Browser vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-38157Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityNoNo6.5
CVE-2023-4078Chromium: CVE-2023-4078 Inappropriate implementation in ExtensionsNoNoN/A
CVE-2023-4077Chromium: CVE-2023-4077 Insufficient data validation in ExtensionsNoNoN/A
CVE-2023-4076Chromium: CVE-2023-4076 Use after free in WebRTCNoNoN/A
CVE-2023-4075Chromium: CVE-2023-4075 Use after free in CastNoNoN/A
CVE-2023-4074Chromium: CVE-2023-4074 Use after free in Blink Task SchedulingNoNoN/A
CVE-2023-4073Chromium: CVE-2023-4073 Out of bounds memory access in ANGLENoNoN/A
CVE-2023-4072Chromium: CVE-2023-4072 Out of bounds read and write in WebGLNoNoN/A
CVE-2023-4071Chromium: CVE-2023-4071 Heap buffer overflow in VisualsNoNoN/A
CVE-2023-4070Chromium: CVE-2023-4070 Type Confusion in V8NoNoN/A
CVE-2023-4069Chromium: CVE-2023-4069 Type Confusion in V8NoNoN/A
CVE-2023-4068Chromium: CVE-2023-4068 Type Confusion in V8NoNoN/A

Developer Tools vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-35390.NET and Visual Studio Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-36899ASP.NET Elevation of Privilege VulnerabilityNoNo7.5
CVE-2023-38180.NET and Visual Studio Denial of Service VulnerabilityYesNo7.5
CVE-2023-38178.NET Core and Visual Studio Denial of Service VulnerabilityNoNo7.5
CVE-2023-36873.NET Framework Spoofing VulnerabilityNoNo7.4
CVE-2023-35391ASP.NET Core SignalR and Visual Studio Information Disclosure VulnerabilityNoNo7.1

Developer Tools Microsoft Office vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-36897Visual Studio Tools for Office Runtime Spoofing VulnerabilityNoNo8.1

ESU vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-35379Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-36876Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege VulnerabilityNoNo7.1

Exchange Server vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21709Microsoft Exchange Server Elevation of Privilege VulnerabilityNoNo9.8
CVE-2023-38181Microsoft Exchange Server Spoofing VulnerabilityNoNo8.8
CVE-2023-38185Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-35368Microsoft Exchange Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-35388Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8
CVE-2023-38182Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8

Microsoft Dynamics vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-38167Microsoft Dynamics Business Central Elevation Of Privilege VulnerabilityNoNo7.2
CVE-2023-35389Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityNoNo6.5

Microsoft Office vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-29328Microsoft Teams Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-29330Microsoft Teams Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-36891Microsoft SharePoint Server Spoofing VulnerabilityNoNo8
CVE-2023-36892Microsoft SharePoint Server Spoofing VulnerabilityNoNo8
CVE-2023-36895Microsoft Outlook Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-36865Microsoft Office Visio Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-36866Microsoft Office Visio Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-35372Microsoft Office Visio Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-35371Microsoft Office Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-36896Microsoft Excel Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-36890Microsoft SharePoint Server Information Disclosure VulnerabilityNoNo6.5
CVE-2023-36894Microsoft SharePoint Server Information Disclosure VulnerabilityNoNo6.5
CVE-2023-36893Microsoft Outlook Spoofing VulnerabilityNoNo6.5

SQL Server vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-38169Microsoft OLE DB Remote Code Execution VulnerabilityNoNo8.8

System Center vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-38175Microsoft Windows Defender Elevation of Privilege VulnerabilityNoNo7.8

Windows vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-35387Windows Bluetooth A2DP driver Elevation of Privilege VulnerabilityNoNo8.8
CVE-2023-38186Windows Mobile Device Management Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-35382Windows Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-35386Windows Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-38154Windows Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-36904Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-36898Tablet Windows User Interface Application Core Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-38170HEVC Video Extensions Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-35378Windows Projected File System Elevation of Privilege VulnerabilityNoNo7
CVE-2023-36905Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure VulnerabilityNoNo5.5
CVE-2023-36914Windows Smart Card Resource Management Server Security Feature Bypass VulnerabilityNoNo5.5
CVE-2023-35384Windows HTML Platforms Security Feature Bypass VulnerabilityNoNo5.4

Windows ESU vulnerabilities

CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-36910Microsoft Message Queuing Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-36911Microsoft Message Queuing Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-35385Microsoft Message Queuing Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-35381Windows Fax Service Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-36882Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-36903Windows System Assessment Tool Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-35359Windows Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-35380Windows Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-36900Windows Common Log File System Driver Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-38184Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution VulnerabilityNoNo7.5
CVE-2023-35383Microsoft Message Queuing Information Disclosure VulnerabilityNoNo7.5
CVE-2023-36912Microsoft Message Queuing Denial of Service VulnerabilityNoNo7.5
CVE-2023-38172Microsoft Message Queuing Denial of Service VulnerabilityNoNo7.5
CVE-2023-36913Microsoft Message Queuing Information Disclosure VulnerabilityNoNo6.5
CVE-2023-36909Microsoft Message Queuing Denial of Service VulnerabilityNoNo6.5
CVE-2023-35376Microsoft Message Queuing Denial of Service VulnerabilityNoNo6.5
CVE-2023-38254Microsoft Message Queuing Denial of Service VulnerabilityNoNo6.5
CVE-2023-35377Microsoft Message Queuing Denial of Service VulnerabilityNoNo6.5
CVE-2023-36908Windows Hyper-V Information Disclosure VulnerabilityNoNo5.7
CVE-2023-36889Windows Group Policy Security Feature Bypass VulnerabilityNoNo5.5
CVE-2023-36906Windows Cryptographic Services Information Disclosure VulnerabilityNoNo5.5
CVE-2023-36907Windows Cryptographic Services Information Disclosure VulnerabilityNoNo5.5
CVE-2023-20569AMD: CVE-2023-20569 Return Address PredictorNoNoN/A

Ref: https://www.rapid7.com/blog/post/2023/08/08/patch-tuesday-august-2023/

Bottom Line

The August 2023 Patch Tuesday release contains important security updates for a wide range of Microsoft products. With 88 vulnerabilities addressed, including 23 critical remote code executions, system administrators should prioritize testing and deployment of these fixes.

The 6 critical-rated vulnerabilities, covering Outlook, Teams, and the Windows Message Queuing Service, deserve immediate attention given their potential impact. The actively exploited ASP.NET zero-day vulnerability also needs urgent patching.

Overall, this Patch Tuesday continues the trend of large, complex updates that must be carefully reviewed and applied to avoid security risks. Ongoing diligence with patch management remains crucial, as Microsoft delivers fixes for critical flaws each month.

By applying these updates promptly and monitoring for any potential impacts, organizations can enhance their security posture against evolving threats. We aim to keep readers informed through monthly Patch Tuesday reports. Please share this post and follow our website thesecmaster.com or subscribe to our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram to receive similar updates.

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Report

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe