The July 2023 Patch Tuesday report has been released, providing critical information for organizations and individuals to address security vulnerabilities and software updates. This monthly event plays a crucial role in maintaining the security and stability of the Windows operating system and various other software products people rely on. In this article, we’ll break down the key highlights of the July 2023 Patch Tuesday report, focusing on the most pressing concerns for users and administrators.
Notably, Microsoft has released fixes for 132 vulnerabilities in July 2023 Patch Tuesday report, out of which 9 were rated Critical. Microsoft also warned about the active exploitation of 6 vulnerabilities. Again, as with other Patch Tuesday reports, Remote Code Execution (RCE) vulnerability has topped the list with 37 occurrences in the list of vulnerabilities. Let’s break down what is there in the report that Microsoft released on 11th July.
Key Highlights- Patch Tuesday July 2023
Microsoft has released Cumulate updates with Moment 3 Features for Windows 11 along with this July 2023 Patch Tuesday update.
- Microsoft’s July 2023 Patch Tuesday included updates for 132 security flaws.
- Six of these flaws were actively exploited zero-day vulnerabilities.
- The patch covered 37 Remote Code Execution (RCE) vulnerabilities, nine of which were rated as ‘Critical.’
- One RCE vulnerability remains unpatched and is actively being exploited.
- The six zero-day vulnerabilities patched are:
- CVE-2023-32046: Windows MSHTML Platform Elevation of Privilege Vulnerability
- CVE-2023-32049: Windows SmartScreen Security Feature Bypass Vulnerability
- CVE-2023-36874: Windows Error Reporting Service Elevation of Privilege Vulnerability
- CVE-2023-36884: Office and Windows HTML Remote Code Execution Vulnerability
- ADV230001: Guidance on Microsoft Signed Drivers Being Used Maliciously
- CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
- The CVE-2023-36884 vulnerability is particularly critical as it allows remote code execution using specially crafted Microsoft Office documents.
- The RomCom hacking group, associated with ransomware operations Industrial Spy and Cuba, is known to be exploiting the CVE-2023-36884 vulnerability.
- Cumulative update for Windows 10 and Windows 11 with Moment 3 Features: KB5028166 for Windows 10, KB5028185 for Windows 11.
Vulnerabilities by Category
The complete list of 132 vulnerabilities is classified into seven categories. Remote Code Execution Vulnerability has been identified as the most common vulnerability, occurring 37 times, while Spoofing is the least frequent vulnerability, occurring only 7 times. Please refer to the below chart for complete details on all categories of vulnerabilities:
List of Products Patched in July 2023 Patch Tuesday report
Microsoft’s July 2023 Patch Tuesday includes updates for a broad range of its products, applications, and services. Here are the applications and product components that have received patches:
- ASP.NET and.NET
- Microsoft Dynamics
- Microsoft Graphics Component
- Microsoft Media-Wiki Extensions
- Microsoft Office
- Microsoft Office Access
- Microsoft Office Excel
- Microsoft Office Outlook
- Microsoft Office SharePoint
- Microsoft Power Apps
- Microsoft Printer Drivers
- Microsoft Windows Codecs Library
- .NET and Visual Studio
- Paint 3D
- Role: DNS Server
- Windows Active Template Library
- Windows Admin Center
- Windows App Store
- Windows Authentication Methods
- Windows CDP User Components
- Windows Cluster Server
- Windows Cloud Files Mini Filter Driver
- Windows Common Log File System Driver
- Windows Connected User Experiences and Telemetry
- Windows CryptoAPI
- Windows Cryptographic Services
- Windows CNG Key Isolation Service
- Windows Deployment Services
- Windows EFI Partition
- Windows Failover Cluster
- Windows Geolocation Service
- Windows HTTP.sys
- Windows Image Acquisition
- Windows Installer
- Windows Kernel
- Windows Layer-2 Bridge Network Driver
- Windows Layer 2 Tunneling Protocol
- Windows Local Security Authority (LSA)
- Windows Message Queuing
- Windows MSHTML Platform
- Windows Netlogon
- Windows ODBC Driver
- Windows OLE
- Windows Online Certificate Status Protocol (OCSP) SnapIn
- Windows Partition Management Driver
- Windows Peer Name Resolution Protocol
- Windows PGM
- Windows Power Apps
- Windows Print Spooler Components
- Windows Printer Drivers
- Windows Remote Desktop
- Windows Remote Procedure Call
- Windows Server Update Service
- Windows SmartScreen
- Windows SPNEGO Extended Negotiation
- Windows Transaction Manager
- Windows Update Orchestrator Service
- Windows VOLSNAP.SYS
- Windows Volume Shadow Copy
- Windows Win32K
List of Actively Exploited Vulnerabilities Patched in July 2023 Patch Tuesday
There are 6 actively exploited vulnerabilities in July 2023 Patch Tuesday.
| Sl. No | CVE ID | Description |
| 1 | CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability |
| 2 | CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability |
| 3 | CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| 4 | CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability |
| 5 | ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously |
| 6 | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability |
List of Critical Vulnerabilities Patched in July 2023 Patch Tuesday
There are 9 vulnerabilities rated Critical including 6 activley exploited vulnerabilities listed in the previous section. Here you see the summary of the flaws followed by the list.
| Sl. No | CVE ID | Severity | CVSS | Description | Actively Exploited | Patch status |
| 1 | CVE-2023-32046 | IMPORTANT | 7.8 | Windows MSHTML Platform Elevation of Privilege Vulnerability | YES | Not Available, but mitigation guidance provided. |
| 2 | CVE-2023-32049 | IMPORTANT | 8.8 | Windows SmartScreen Security Feature Bypass Vulnerability | YES | Available |
| 3 | CVE-2023-36874 | IMPORTANT | 7.8 | Windows Error Reporting Service Elevation of Privilege Vulnerability | YES | Available |
| 4 | CVE-2023-36884 | IMPORTANT | 8.3 | Office and Windows HTML Remote Code Execution Vulnerability | YES | Available |
| 5 | CVE-2023-29347 | IMPORTANT | 8.7 | Windows Admin Center Spoofing Vulnerability | NO | Available |
| 6 | CVE-2023-35311 | IMPORTANT | 8.8 | Microsoft Outlook Security Feature Bypass Vulnerability | YES | Available |
| 7 | CVE-2023-35365 | CRITICAL | 9.8 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | NO | Available |
| 8 | CVE-2023-35366 | CRITICAL | 9.8 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | NO | Available |
| 9 | CVE-2023-35367 | CRITICAL | 9.8 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | NO | Available |
| 10 | CVE-2023-32057 | CRITICAL | 9.8 | Microsoft Message Queuing Remote Code Execution Vulnerability | NO | Available |
#1. CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability
CVE-2023-36884 is a Remote Code Execution (RCE) vulnerability affecting Microsoft Windows and Office. It has been given a CVSSv3 score of 8.3 and is actively being exploited as a zero-day vulnerability. Microsoft has yet to release patches for this vulnerability, but they have provided mitigation guidance to help users avoid exploitation. According to Microsoft researchers, the exploitation of CVE-2023-36884 has been linked to a threat actor known as Storm-0978, also referred to as DEV-0978 or RomCom. This threat actor, believed to be based in Russia, is known for ransomware attacks and intelligence-gathering operations. The targeted regions include Ukraine, North America, and Europe, with the telecommunications and finance industries being the primary targets.
#2. CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability
CVE-2023-35311 is a security feature bypass vulnerability found in Microsoft Outlook. With a CVSSv3 score of 8.8, this vulnerability has been exploited as a zero-day. Exploiting this flaw requires the attacker to convince a victim to click on a malicious URL. Successful exploitation allows the bypassing of the Microsoft Outlook Security Notice prompt, which is designed to protect users. Although the Outlook Preview pane feature can be an attack vector, user interaction is still necessary for exploitation.
#3. CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability
CVE-2023-32046 is an elevation of privilege (EoP) vulnerability in Microsoft’s MSHTML (Trident) engine. It has been exploited as a zero-day vulnerability and holds a CVSSv3 score of 7.8. Patches addressing this vulnerability are available for all supported versions of Windows. To exploit this vulnerability, an attacker needs to create a specially crafted file and employ social engineering techniques to convince the target to open the document. Microsoft advises users who install Security Only updates to also install the Internet Explorer Cumulative update to fully mitigate this vulnerability.
The discovery of CVE-2023-32046 follows the previous zero-day vulnerability, CVE-2021-40444, which was exploited and patched in September 2021. Although CVE-2021-40444 didn’t make it into our top 5 list of noteworthy vulnerabilities in the 2021 Threat Landscape Retrospective, it was among the vulnerabilities that almost made the list.
#4. CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-36874 is an elevation of privilege vulnerability affecting the Microsoft Windows Error Reporting Service. With a CVSSv3 score of 7.8, this vulnerability has been actively exploited as a zero-day. Exploiting this flaw requires the attacker to have local access to the target system and certain basic user privileges. Successful exploitation leads to the attacker obtaining administrative privileges on the compromised system. The credit for discovering this vulnerability goes to Vlad Stolyarov and Maddie Stone, researchers at Google’s Threat Analysis Group (TAG). Unfortunately, specific details about its exploitation are not available at the time of writing.
#5. CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-32049 is a security feature bypass vulnerability that affects Windows SmartScreen, an early warning system designed to protect against phishing attacks and malware distribution through malicious websites. To exploit this vulnerability, an attacker needs to convince a user to open a specially crafted URL. Successful exploitation allows the attacker to bypass the “Open File” warning prompt and compromise the victim’s machine. This vulnerability has been actively exploited as a zero-day and holds a CVSSv3 score of 8.8.
This vulnerability is similar to other Mark of the Web (MOTW) vulnerabilities previously patched by Microsoft. One example is CVE-2022-44698, which was exploited and patched in the December 2022 Patch Tuesday release.
#6. CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability
CVE-2023-29347 is a spoofing vulnerability discovered in Windows Admin Center (WAC). It has been assigned a CVSSv3 score of 8.7 and a max severity rating of “important.” This vulnerability resides in the web server component of WAC, but malicious scripts execute within the victim’s browser. Microsoft’s CVSS scoring reflects this as a scope change. Remote authenticated attackers can exploit this vulnerability through a malicious script imported into the WAC HTML form, a .csv file imported to the user interface, or the WAC API. Successful exploitation enables the attacker to perform operations on the WAC server using the victim’s privileges.
#7. CVE-2023-35365, CVE-2023-35366, and CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2023-35365, CVE-2023-35366, and CVE-2023-35367 are remote code execution (RCE) vulnerabilities affecting the Windows Routing and Remote Access Service (RRAS) in Windows operating systems. Each vulnerability has been assigned a CVSSv3 score of 9.8. It’s important to note that RRAS is not installed or configured in Windows by default, and users who haven’t enabled the feature are not affected by these vulnerabilities. Exploiting these vulnerabilities requires the attacker to send crafted packets to an impacted server. According to Microsoft, the exploitability of these vulnerabilities is less likely, as indicated by the Microsoft Exploitability Index.
#8. CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-32057 is an RCE vulnerability discovered in the Microsoft Message Queuing (MSMQ) component of Windows operating systems. With a CVSSv3 score of 9.8 and a critical rating, this vulnerability allows remote unauthenticated attackers to execute arbitrary code by sending malicious MSMQ packets to a vulnerable MSMQ server. For successful exploitation, the Message Queuing service must be enabled on the targeted server. Microsoft has categorized this vulnerability as “Exploitation less likely” using the Microsoft Exploitability Index.
#9. ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously
To provide guidance regarding the malicious use of Microsoft Signed Drivers, Microsoft released ADV230001. The advisory highlights cases where drivers certified by Microsoft’s Windows Hardware Developer Program (MWHDP) were abused by malicious actors as part of post-compromise activities. In such instances, the malicious actors gained administrative access to affected systems to utilize these drivers. Microsoft has taken several steps to address this issue, including disabling compromised developer program accounts, and releasing updates to untrust the malicious.
Complete List of Vulnerabilities Patched in July 2023 Patch Tuesday Are
If you wish to download the complete list of vulnerabilities patched in July 2023 Patch Tuesday, you can do it from here.
| CVE ID | CVE Title | Severity | Tag |
| CVE-2023-33127 | .NET and Visual Studio Elevation of Privilege Vulnerability | Important | .NET and Visual Studio |
| CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability | Important | ASP.NET and Visual Studio |
| CVE-2023-36871 | Azure Active Directory Security Feature Bypass Vulnerability | Important | Azure Active Directory |
| CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability | Important | Azure Active Directory |
| CVE-2023-33171 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | Microsoft Dynamics |
| CVE-2023-35335 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | Microsoft Dynamics |
| CVE-2023-33149 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | Microsoft Graphics Component |
| CVE-2023-21756 | Windows Win32k Elevation of Privilege Vulnerability | Important | Microsoft Graphics Component |
| CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | Important | Microsoft Media-Wiki Extensions |
| CVE-2023-33148 | Microsoft Office Elevation of Privilege Vulnerability | Important | Microsoft Office |
| CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability | Important | Microsoft Office |
| CVE-2023-33150 | Microsoft Office Security Feature Bypass Vulnerability | Important | Microsoft Office |
| CVE-2023-33152 | Microsoft ActiveX Remote Code Execution Vulnerability | Important | Microsoft Office Access |
| CVE-2023-33158 | Microsoft Excel Remote Code Execution Vulnerability | Important | Microsoft Office Excel |
| CVE-2023-33161 | Microsoft Excel Remote Code Execution Vulnerability | Important | Microsoft Office Excel |
| CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability | Important | Microsoft Office Excel |
| CVE-2023-33151 | Microsoft Outlook Spoofing Vulnerability | Important | Microsoft Office Outlook |
| CVE-2023-33153 | Microsoft Outlook Remote Code Execution Vulnerability | Important | Microsoft Office Outlook |
| CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability | Important | Microsoft Office Outlook |
| CVE-2023-33134 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | Microsoft Office SharePoint |
| CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | Microsoft Office SharePoint |
| CVE-2023-33165 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Important | Microsoft Office SharePoint |
| CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | Microsoft Office SharePoint |
| CVE-2023-33159 | Microsoft SharePoint Server Spoofing Vulnerability | Important | Microsoft Office SharePoint |
| CVE-2023-32052 | Microsoft Power Apps Spoofing Vulnerability | Important | Microsoft Power Apps |
| CVE-2023-32085 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-35302 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-35296 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-35324 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-32040 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-35306 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-32039 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important | Microsoft Printer Drivers |
| CVE-2023-35303 | USB Audio Class System Driver Remote Code Execution Vulnerability | Important | Microsoft Windows Codecs Library |
| CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability | Important | Microsoft Windows Codecs Library |
| CVE-2023-32051 | Raw Image Extension Remote Code Execution Vulnerability | Important | Microsoft Windows Codecs Library |
| CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability | Important | Mono Authenticode |
| CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability | Important | Paint 3D |
| CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability | Important | Paint 3D |
| CVE-2023-35310 | Windows DNS Server Remote Code Execution Vulnerability | Important | Role: DNS Server |
| CVE-2023-35346 | Windows DNS Server Remote Code Execution Vulnerability | Important | Role: DNS Server |
| CVE-2023-35345 | Windows DNS Server Remote Code Execution Vulnerability | Important | Role: DNS Server |
| CVE-2023-35344 | Windows DNS Server Remote Code Execution Vulnerability | Important | Role: DNS Server |
| CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability | Important | Service Fabric |
| CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Important | Visual Studio Code |
| CVE-2023-35351 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Important | Windows Active Directory Certificate Services |
| CVE-2023-35350 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Important | Windows Active Directory Certificate Services |
| CVE-2023-32055 | Active Template Library Elevation of Privilege Vulnerability | Important | Windows Active Template Library |
| CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability | Important | Windows Admin Center |
| CVE-2023-35347 | Microsoft Install Service Elevation of Privilege Vulnerability | Important | Windows App Store |
| CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability | Important | Windows Authentication Methods |
| CVE-2023-35326 | Windows CDP User Components Information Disclosure Vulnerability | Important | Windows CDP User Components |
| ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously | None | Windows Certificates |
| CVE-2023-35362 | Windows Clip Service Elevation of Privilege Vulnerability | Important | Windows Clip Service |
| CVE-2023-33155 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | Windows Cloud Files Mini Filter Driver |
| CVE-2023-32033 | Microsoft Failover Cluster Remote Code Execution Vulnerability | Important | Windows Cluster Server |
| CVE-2023-35340 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important | Windows CNG Key Isolation Service |
| CVE-2023-35299 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | Windows Common Log File System Driver |
| CVE-2023-35320 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important | Windows Connected User Experiences and Telemetry |
| CVE-2023-35353 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important | Windows Connected User Experiences and Telemetry |
| CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability | Important | Windows CryptoAPI |
| CVE-2023-33174 | Windows Cryptographic Information Disclosure Vulnerability | Important | Windows Cryptographic Services |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | Important | Windows Defender |
| CVE-2023-35322 | Windows Deployment Services Remote Code Execution Vulnerability | Important | Windows Deployment Services |
| CVE-2023-35321 | Windows Deployment Services Denial of Service Vulnerability | Important | Windows Deployment Services |
| ADV230002 | Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules | Important | Windows EFI Partition |
| CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important | Windows Error Reporting |
| CVE-2023-32083 | Microsoft Failover Cluster Information Disclosure Vulnerability | Important | Windows Failover Cluster |
| CVE-2023-35343 | Windows Geolocation Service Remote Code Execution Vulnerability | Important | Windows Geolocation Service |
| CVE-2023-32084 | HTTP.sys Denial of Service Vulnerability | Important | Windows HTTP.sys |
| CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability | Important | Windows HTTP.sys |
| CVE-2023-35342 | Windows Image Acquisition Elevation of Privilege Vulnerability | Important | Windows Image Acquisition |
| CVE-2023-32053 | Windows Installer Elevation of Privilege Vulnerability | Important | Windows Installer |
| CVE-2023-32050 | Windows Installer Elevation of Privilege Vulnerability | Important | Windows Installer |
| CVE-2023-35304 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-35363 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-35305 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-35356 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-35357 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-35358 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows Kernel |
| CVE-2023-32037 | Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | Important | Windows Layer 2 Tunneling Protocol |
| CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Critical | Windows Layer-2 Bridge Network Driver |
| CVE-2023-35331 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important | Windows Local Security Authority (LSA) |
| CVE-2023-35341 | Microsoft DirectMusic Information Disclosure Vulnerability | Important | Windows Media |
| CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical | Windows Message Queuing |
| CVE-2023-35309 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | Windows Message Queuing |
| CVE-2023-32045 | Microsoft Message Queuing Denial of Service Vulnerability | Important | Windows Message Queuing |
| CVE-2023-32044 | Microsoft Message Queuing Denial of Service Vulnerability | Important | Windows Message Queuing |
| CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability | Important | Windows MSHTML Platform |
| CVE-2023-35336 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important | Windows MSHTML Platform |
| CVE-2023-35308 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important | Windows MSHTML Platform |
| CVE-2023-21526 | Windows Netlogon Information Disclosure Vulnerability | Important | Windows Netlogon |
| CVE-2023-33163 | Windows Network Load Balancing Remote Code Execution Vulnerability | Important | Windows Network Load Balancing |
| CVE-2023-35361 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows NT OS Kernel |
| CVE-2023-35364 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows NT OS Kernel |
| CVE-2023-35360 | Windows Kernel Elevation of Privilege Vulnerability | Important | Windows NT OS Kernel |
| CVE-2023-32038 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important | Windows ODBC Driver |
| CVE-2023-32042 | OLE Automation Information Disclosure Vulnerability | Important | Windows OLE |
| CVE-2023-35323 | Windows OLE Remote Code Execution Vulnerability | Important | Windows Online Certificate Status Protocol (OCSP) SnapIn |
| CVE-2023-35313 | Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | Important | Windows Online Certificate Status Protocol (OCSP) SnapIn |
| CVE-2023-33154 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | Windows Partition Management Driver |
| CVE-2023-35338 | Windows Peer Name Resolution Protocol Denial of Service Vulnerability | Important | Windows Peer Name Resolution Protocol |
| CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical | Windows PGM |
| CVE-2023-35325 | Windows Print Spooler Information Disclosure Vulnerability | Important | Windows Print Spooler Components |
| CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Critical | Windows Remote Desktop |
| CVE-2023-32043 | Windows Remote Desktop Security Feature Bypass Vulnerability | Important | Windows Remote Desktop |
| CVE-2023-35332 | Windows Remote Desktop Protocol Security Feature Bypass | Important | Windows Remote Desktop |
| CVE-2023-35300 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33168 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33173 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33172 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-32035 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33166 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-32034 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33167 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33169 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-35318 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-33164 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-35319 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-35316 | Remote Procedure Call Runtime Information Disclosure Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-35314 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | Windows Remote Procedure Call |
| CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Critical | Windows Routing and Remote Access Service (RRAS) |
| CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Critical | Windows Routing and Remote Access Service (RRAS) |
| CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Critical | Windows Routing and Remote Access Service (RRAS) |
| CVE-2023-35317 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Important | Windows Server Update Service |
| CVE-2023-32056 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Important | Windows Server Update Service |
| CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability | Important | Windows SmartScreen |
| CVE-2023-35330 | Windows Extended Negotiation Denial of Service Vulnerability | Important | Windows SPNEGO Extended Negotiation |
| CVE-2023-35328 | Windows Transaction Manager Elevation of Privilege Vulnerability | Important | Windows Transaction Manager |
| CVE-2023-32041 | Windows Update Orchestrator Service Information Disclosure Vulnerability | Important | Windows Update Orchestrator Service |
| CVE-2023-35312 | Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | Important | Windows VOLSNAP.SYS |
| CVE-2023-32054 | Volume Shadow Copy Elevation of Privilege Vulnerability | Important | Windows Volume Shadow Copy |
| CVE-2023-35337 | Win32k Elevation of Privilege Vulnerability | Important | Windows Win32K |
Bottom Line
The July 2023 Patch Tuesday release was quite significant, addressing a wide range of vulnerabilities across various Microsoft products. Security professionals and system administrators should be paying close attention to the fixes released during this month’s update cycle, as they may greatly impact the overall security posture of their organizations.
With a total of 132 vulnerabilities addressed, the patch covers 9 critical security issues, which could lead to remote code execution, privilege escalation, and denial of service attacks if left unpatched. System administrators are encouraged to prioritize and deploy these updates to minimize the potential risk to their systems.
In closing, the July 2023 Patch Tuesday release serves as a reminder of the importance of ongoing cybersecurity and patch management efforts. By staying up-to-date with the latest vulnerabilities, addressing them in a timely manner, and carefully monitoring the impact of these updates, organizations can greatly improve their security posture and mitigate potential threats.