Breaking Down the Latest October 2023 Patch Tuesday Report

The October 2023 Patch Tuesday report has been released, providing critical information for organizations and individuals to address security vulnerabilities and software updates. This monthly event plays a crucial role in maintaining the security and stability of the Windows operating system and various other software products people rely on. In this article, we’ll break down the key highlights of the October 2023 Patch Tuesday report, focusing on the most pressing concerns for users and administrators.

Notably, Microsoft has released fixes for 105 vulnerabilities in the October 2023 Patch Tuesday report, of which 12 were rated Critical. Microsoft also warned about the active exploitation of 3 vulnerabilities. As in other Patch Tuesday reports, Remote Code Execution (RCE) tops the list, accounting for 45 of the vulnerabilities. Let’s break down what is in the October patches that Microsoft released on 10th October.

 

Key Highlights: Patch Tuesday October 2023

As part of October’s Patch Tuesday, Microsoft patched three zero-day vulnerabilities that are being actively exploited in the wild. In addition to the RCE flaws, patches were released for privilege escalation bugs, information disclosure issues, spoofing weaknesses, security feature bypass, and denial of service vulnerabilities across a wide range of Microsoft products.

Key affected products include Windows, Skype for Business, Azure, Edge, Office, Exchange Server, SQL Server, Visual Studio, and Microsoft Dynamics. Administrators and end users are advised to apply these security updates as soon as possible to ensure systems are not vulnerable to any of the fixed flaws.

Key Highlights are:

  • Microsoft released patches for 105 vulnerabilities, including 3 zero-days and 12 critical vulnerabilities.
  • The 3 zero-day vulnerabilities patched are:
    • CVE-2023-36563 – Microsoft WordPad Information Disclosure Vulnerability (publicly disclosed)
    • CVE-2023-41763 – Skype for Business Elevation of Privilege Vulnerability
    • CVE-2023-44487 – HTTP/2 ‘Reset Flood’ Denial of Service Vulnerability
  • There are 45 remote code execution (RCE) vulnerabilities patched, with 12 rated as critical severity.
  • Other high-severity issues patched include 26 elevation of privilege bugs, 17 denial of service flaws, 12 information disclosure vulnerabilities, and more.
  • Key products receiving security updates include Windows, Exchange Server, Office, Skype for Business, Dynamics, SQL Server, and more.
  • Windows Server 2012 and 2012 R2 have reached the end of support, except for those with paid Extended Security Updates.

Vulnerabilities by Category

In total, 105 vulnerabilities were addressed. Remote code execution was the most common vulnerability type patched by Microsoft this month, occurring 45 times. Elevation of privilege bugs also accounted for a significant portion of the flaws fixed, occurring 26 times. The least common vulnerability category was spoofing, with only 1 such flaw patched in October. Please refer to the chart below for complete details on all categories of vulnerabilities:

Here is a table with the vulnerability categories and associated CVE IDs from Microsoft’s October 2023 Patch Tuesday:

Vulnerability Category | CVE IDs
Remote Code Execution (RCE) | CVE-2023-36418, CVE-2023-36414, CVE-2023-36415, CVE-2023-36778, CVE-2023-36577, CVE-2023-36710, CVE-2023-36786, CVE-2023-36780, CVE-2023-36789, CVE-2023-36417, CVE-2023-36785, CVE-2023-36598, CVE-2023-36730, CVE-2023-36420, CVE-2023-36902, CVE-2023-36436, CVE-2023-36557, CVE-2023-41770, CVE-2023-41765, CVE-2023-41767, CVE-2023-38166, CVE-2023-41774, CVE-2023-41773, CVE-2023-41771, CVE-2023-41769, CVE-2023-41768, CVE-2023-36571, CVE-2023-36570, CVE-2023-35349, CVE-2023-36591, CVE-2023-36590, CVE-2023-36589, CVE-2023-36583, CVE-2023-36592, CVE-2023-36697, CVE-2023-36593, CVE-2023-36582, CVE-2023-36574, CVE-2023-36575, CVE-2023-36573, CVE-2023-36572, CVE-2023-36578, CVE-2023-36702, CVE-2023-36704, CVE-2023-36718
Elevation of Privilege | CVE-2023-36737, CVE-2023-36419, CVE-2023-36561, CVE-2023-41766, CVE-2023-36594, CVE-2023-38159, CVE-2023-36565, CVE-2023-36569, CVE-2023-36568, CVE-2023-41763, CVE-2023-36723, CVE-2023-36721, CVE-2023-36434, CVE-2023-36726, CVE-2023-36712, CVE-2023-36729, CVE-2023-36605, CVE-2023-36725, CVE-2023-36790, CVE-2023-36701, CVE-2023-36711, CVE-2023-36731, CVE-2023-36732, CVE-2023-36776, CVE-2023-36743, CVE-2023-41772
Information Disclosure | CVE-2023-36722, CVE-2023-36429, CVE-2023-36433, CVE-2023-36563, CVE-2023-36713, CVE-2023-36567, CVE-2023-36706, CVE-2023-36576, CVE-2023-36724, CVE-2023-29348, CVE-2023-36596, CVE-2023-36438
Denial of Service (DoS) | CVE-2023-36566, CVE-2023-38171, CVE-2023-36435, CVE-2023-36728, CVE-2023-36585, CVE-2023-36709, CVE-2023-36707, CVE-2023-36703, CVE-2023-36431, CVE-2023-36606, CVE-2023-36581, CVE-2023-36579, CVE-2023-36720, CVE-2023-36603, CVE-2023-36602, CVE-2023-36717
Security Feature Bypass | CVE-2023-36564, CVE-2023-36698, CVE-2023-36584
Spoofing | CVE-2023-36416

List of Products Patched in October 2023 Patch Tuesday Report

Microsoft’s October 2023 Patch Tuesday includes updates for a broad range of its products, applications, and services. Here are the applications and product components that have received patches:

Product Name No. of Vulnerabilities Patched
Windows Message Queuing 20
Windows Layer 2 Tunneling Protocol 9
SQL Server 6
Windows Win32K 5
Skype for Business 4
Windows TCP/IP 3
Windows Kernel 3
Microsoft Dynamics 3
Microsoft Office 3
Windows Deployment Services 3
Azure 2
Windows Named Pipe File System 2
Azure SDK 2
Microsoft Graphics Component 2
Windows RDP 2
Microsoft QUIC 2
Windows HTML Platform 2
Azure DevOps 1
Microsoft Windows Search Component 1
Windows Mixed Reality Developer Tools 1
Microsoft Common Data Model SDK 1
Windows Setup Files Cleanup 1
HTTP/2 1
Azure Real Time Operating System 1
Windows Active Template Library 1
Windows NT OS Kernel 1
Windows AllJoyn API 1
Windows Resilient File System (ReFS) 1
Windows Client/Server Runtime Subsystem 1
Windows TPM 1
Windows Virtual Trusted Platform Module 1
Windows Mark of the Web (MOTW) 1
Active Directory Domain Services 1
Windows Microsoft DirectMusic 1
Microsoft WDAC OLE DB provider for SQL 1
Microsoft Windows Media Foundation 1
Windows DHCP Server 1
Windows Power Management Service 1
Windows Error Reporting 1
Windows Remote Procedure Call 1
Microsoft Exchange Server 1
Windows Runtime C++ Template Library 1
Windows IIS 1
Microsoft Edge (Chromium-based) 1
Windows IKE Extension 1
Microsoft WordPad 1
Client Server Run-time Subsystem (CSRSS) 1
Windows Common Log File System Driver 1
Windows Container Manager Service 1
Grand Total 105

Actively Exploited Zero-day Vulnerabilities Patched in October 2023 Patch Tuesday

Microsoft addressed three zero-day vulnerabilities in the October 2023 Patch Tuesday release. These vulnerabilities are notable because they were being actively exploited in the wild prior to the patches being made available. Let’s examine each of these critical vulnerabilities:

CVE-2023-44487 – HTTP/2 ‘Reset Flood’ Denial of Service

CVE-2023-44487 is an HTTP/2 vulnerability that could allow an unauthenticated attacker to trigger a denial of service condition against vulnerable HTTP/2 servers. This issue was exploited in August 2023 in a series of DDoS attacks observed by Cloudflare and others. While not exclusive to Microsoft products, patches were released for affected Windows Server versions. Other vendors utilizing HTTP/2 may also need to address this “reset flood” vulnerability.


CVE-2023-36563 – WordPad NTLM Hash Disclosure

CVE-2023-36563 is an information disclosure vulnerability in WordPad that could allow remote code execution and disclosure of NTLM password hashes. Exploited as a zero-day prior to the October patches, this is the third WordPad vulnerability exploited in 2023 for NTLM hash theft.

CVE-2023-41763 – Skype for Business Elevation of Privilege

CVE-2023-41763 is an elevation of privilege vulnerability in Skype for Business servers. Exploited as a zero-day, this issue could allow authentication bypass and information disclosure. It appears to be related to an SSRF vulnerability disclosed in research last year, which Microsoft had initially declined to patch.

Critical Vulnerabilities Patched in October 2023 Patch Tuesday

Out of the 105 vulnerabilities, 12 were rated Critical in the October 2023 Patch Tuesday report.

MSMQ RCE Vulnerabilities (CVE-2023-35349, CVE-2023-36697)

Two vulnerabilities were patched in Microsoft Message Queuing (MSMQ) that could allow RCE if an attacker sends malicious messages to a vulnerable server or compromises a legitimate MSMQ server. MSMQ allows reliable asynchronous messaging between Windows machines.

Virtual TPM RCE (CVE-2023-36718)

A flaw in the virtual Trusted Platform Module (TPM) implementation could enable a guest VM escape and RCE if an authenticated attacker performs complex memory manipulation. The TPM provides hardware-based security-related cryptographic functions.

CDM Denial of Service (CVE-2023-36566)

The Microsoft Common Data Model SDK contained a vulnerability permitting denial of service. Exploitation requires authentication but no elevated privileges.

L2TP RCE Vulnerabilities (CVE-2023-41770, CVE-2023-41765, CVE-2023-41767, CVE-2023-38166, CVE-2023-41774, CVE-2023-41773, CVE-2023-41771, CVE-2023-41769, CVE-2023-41768)

Multiple vulnerabilities were addressed in the Layer 2 Tunneling Protocol (L2TP) implementation used in VPN connections and by ISPs. These could enable unauthenticated remote code execution if an attacker wins a race condition when sending crafted connection requests.

See the table below for the CVE ID, description, and other details.

Sl. No | CVE ID | CVSS | Description | Actively Exploited | Public Exploit Available | Patch status
1 | CVE-2023-41770 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
2 | CVE-2023-41765 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
3 | CVE-2023-41767 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
4 | CVE-2023-38166 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
5 | CVE-2023-41774 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
6 | CVE-2023-41773 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
7 | CVE-2023-41771 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
8 | CVE-2023-41769 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
9 | CVE-2023-41768 | 8.1 | A remote code execution vulnerability in the Windows Layer 2 Tunneling Protocol due to improper validation of user-supplied input. | No | No | Patch Released
10 | CVE-2023-35349 | 9.8 | A remote code execution vulnerability in the Microsoft Message Queuing service due to improper validation of user-supplied input. | No | No | Patch Released
11 | CVE-2023-36697 | 6.8 | A remote code execution vulnerability in the Microsoft Message Queuing service due to improper validation of user-supplied input when connecting to a malicious server. | No | No | Patch Released
12 | CVE-2023-36718 | 7.8 | A remote code execution vulnerability in the Microsoft Virtual Trusted Platform Module due to improper memory operations. | No | No | Patch Released

Complete List of Vulnerabilities Patched in October 2023 Patch Tuesday

If you wish to download the complete list of vulnerabilities by products patched in October 2023 Patch Tuesday, you can do it from here. 

Azure vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36415 Azure Identity SDK Remote Code Execution Vulnerability No No 8.8
CVE-2023-36414 Azure Identity SDK Remote Code Execution Vulnerability No No 8.8
CVE-2023-36419 Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability No No 8.8
CVE-2023-36418 Azure RTOS GUIX Studio Remote Code Execution Vulnerability No No 7.8
CVE-2023-36737 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability No No 7.8

Azure Developer Tools vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36561 Azure DevOps Server Elevation of Privilege Vulnerability No No 7.3

Browser vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-5346 Chromium: CVE-2023-5346 Type Confusion in V8 No No N/A

ESU vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36790 Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability No No 7.8

Exchange Server vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36778 Microsoft Exchange Server Remote Code Execution Vulnerability No No 8

Microsoft Dynamics vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36433 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability No No 6.5
CVE-2023-36429 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability No No 6.5
CVE-2023-36566 Microsoft Common Data Model SDK Denial of Service Vulnerability No No 6.5
CVE-2023-36416 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability No No 6.1

Microsoft Office vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36569 Microsoft Office Elevation of Privilege Vulnerability No No 8.4
CVE-2023-36789 Skype for Business Remote Code Execution Vulnerability No No 7.2
CVE-2023-36786 Skype for Business Remote Code Execution Vulnerability No No 7.2
CVE-2023-36780 Skype for Business Remote Code Execution Vulnerability No No 7.2
CVE-2023-36565 Microsoft Office Graphics Elevation of Privilege Vulnerability No No 7
CVE-2023-36568 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability No No 7
CVE-2023-41763 Skype for Business Elevation of Privilege Vulnerability Yes Yes 5.3

SQL Server vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36417 Microsoft SQL ODBC Driver Remote Code Execution Vulnerability No No 7.8
CVE-2023-36730 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability No No 7.8
CVE-2023-36785 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability No No 7.8
CVE-2023-36420 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability No No 7.3
CVE-2023-36728 Microsoft SQL Server Denial of Service Vulnerability No No 5.5

Windows vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36704 Windows Setup Files Cleanup Remote Code Execution Vulnerability No No 7.8
CVE-2023-36711 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36725 Windows Kernel Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36723 Windows Container Manager Service Elevation of Privilege Vulnerability No No 7.8
CVE-2023-41772 Win32k Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36557 PrintHTML API Remote Code Execution Vulnerability No No 7.8
CVE-2023-36729 Named Pipe File System Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability No No 7.8
CVE-2023-36701 Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36603 Windows TCP/IP Denial of Service Vulnerability No No 7.5
CVE-2023-36720 Windows Mixed Reality Developer Tools Denial of Service Vulnerability No No 7.5
CVE-2023-36709 Microsoft AllJoyn API Denial of Service Vulnerability No No 7.5
CVE-2023-36605 Windows Named Pipe Filesystem Elevation of Privilege Vulnerability No No 7.4
CVE-2023-36902 Windows Runtime Remote Code Execution Vulnerability No No 7
CVE-2023-38159 Windows Graphics Component Elevation of Privilege Vulnerability No No 7
CVE-2023-36721 Windows Error Reporting Service Elevation of Privilege Vulnerability No No 7
CVE-2023-36717 Windows Virtual Trusted Platform Module Denial of Service Vulnerability No No 6.5
CVE-2023-36707 Windows Deployment Services Denial of Service Vulnerability No No 6.5
CVE-2023-36596 Remote Procedure Call Information Disclosure Vulnerability No No 6.5
CVE-2023-36576 Windows Kernel Information Disclosure Vulnerability No No 5.5
CVE-2023-36698 Windows Kernel Security Feature Bypass Vulnerability No No 3.6

Windows Developer Tools vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-38171 Microsoft QUIC Denial of Service Vulnerability No No 7.5
CVE-2023-36435 Microsoft QUIC Denial of Service Vulnerability No No 7.5
CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack Yes No N/A

Windows ESU vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36434 Windows IIS Server Elevation of Privilege Vulnerability No No 9.8
CVE-2023-35349 Microsoft Message Queuing Remote Code Execution Vulnerability No No 9.8
CVE-2023-36577 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability No No 8.8
CVE-2023-41765 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41767 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41768 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41769 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41770 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41771 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41773 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-41774 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-38166 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability No No 8.1
CVE-2023-36710 Windows Media Foundation Core Remote Code Execution Vulnerability No No 7.8
CVE-2023-36436 Windows MSHTML Platform Remote Code Execution Vulnerability No No 7.8
CVE-2023-36712 Windows Kernel Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36726 Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36594 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8
CVE-2023-41766 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36732 Win32k Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36731 Win32k Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36743 Win32k Elevation of Privilege Vulnerability No No 7.8
CVE-2023-36598 Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability No No 7.8
CVE-2023-36593 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.8
CVE-2023-36702 Microsoft DirectMusic Remote Code Execution Vulnerability No No 7.8
CVE-2023-36438 Windows TCP/IP Information Disclosure Vulnerability No No 7.5
CVE-2023-36602 Windows TCP/IP Denial of Service Vulnerability No No 7.5
CVE-2023-36567 Windows Deployment Services Information Disclosure Vulnerability No No 7.5
CVE-2023-36606 Microsoft Message Queuing Denial of Service Vulnerability No No 7.5
CVE-2023-36581 Microsoft Message Queuing Denial of Service Vulnerability No No 7.5
CVE-2023-36579 Microsoft Message Queuing Denial of Service Vulnerability No No 7.5
CVE-2023-36431 Microsoft Message Queuing Denial of Service Vulnerability No No 7.5
CVE-2023-36703 DHCP Server Service Denial of Service Vulnerability No No 7.5
CVE-2023-36585 Active Template Library Denial of Service Vulnerability No No 7.5
CVE-2023-36592 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36591 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36590 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36589 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36583 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36582 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36578 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36575 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36574 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36573 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36572 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36571 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36570 Microsoft Message Queuing Remote Code Execution Vulnerability No No 7.3
CVE-2023-36776 Win32k Elevation of Privilege Vulnerability No No 7
CVE-2023-36697 Microsoft Message Queuing Remote Code Execution Vulnerability No No 6.8
CVE-2023-36564 Windows Search Security Feature Bypass Vulnerability No No 6.5
CVE-2023-29348 Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability No No 6.5
CVE-2023-36706 Windows Deployment Services Information Disclosure Vulnerability No No 6.5
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability Yes Yes 6.5
CVE-2023-36724 Windows Power Management Service Information Disclosure Vulnerability No No 5.5
CVE-2023-36713 Windows Common Log File System Driver Information Disclosure Vulnerability No No 5.5
CVE-2023-36584 Windows Mark of the Web Security Feature Bypass Vulnerability No No 5.4
CVE-2023-36722 Active Directory Domain Services Information Disclosure Vulnerability No No 4.4
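
The per-product lists above share one row layout (CVE, title, exploited, publicly disclosed, CVSSv3 base score), so they can be parsed and ranked for deployment. The following is an added example, not part of the original article or any Microsoft tooling; the ordering rule (exploited first, then publicly disclosed, then score, with N/A treated as 10.0) and all function names are assumptions of this example, and the sample rows are copied from this page.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Rows copied from the lists on this page, plus one header line to show
# that non-data lines are rejected rather than guessed at.
SAMPLE_ROWS = """\
CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2023-36434 Windows IIS Server Elevation of Privilege Vulnerability No No 9.8
CVE-2023-35349 Microsoft Message Queuing Remote Code Execution Vulnerability No No 9.8
CVE-2023-41763 Skype for Business Elevation of Privilege Vulnerability Yes Yes 5.3
CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack Yes No N/A
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability Yes Yes 6.5
CVE-2023-36698 Windows Kernel Security Feature Bypass Vulnerability No No 3.6
"""

# Titles contain spaces (and sometimes another CVE ID), so the three
# trailing columns anchor the match and the title takes whatever is left.
ROW = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<title>.+?)\s+"
    r"(?P<exploited>Yes|No)\s+(?P<disclosed>Yes|No)\s+"
    r"(?P<cvss>\d+(?:\.\d+)?|N/A)$"
)


class Advisory(NamedTuple):
    cve: str
    title: str
    exploited: bool
    disclosed: bool
    cvss: Optional[float]  # None when the page lists N/A


def parse_rows(text: str) -> Tuple[List[Advisory], List[str]]:
    """Return (advisories, rejected_lines) for text in the page's row layout."""
    parsed, rejected = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        m = ROW.match(line)
        if m is None:
            rejected.append(line)  # header or malformed row: report it
            continue
        cvss = None if m["cvss"] == "N/A" else float(m["cvss"])
        parsed.append(Advisory(m["cve"], m["title"], m["exploited"] == "Yes",
                               m["disclosed"] == "Yes", cvss))
    return parsed, rejected


def triage(advisories: List[Advisory]) -> List[Advisory]:
    """Assumed policy: exploited, then publicly disclosed, then CVSS descending.

    A missing score sorts as 10.0 so an unscored item is never pushed down.
    """
    def key(a: Advisory):
        score = 10.0 if a.cvss is None else a.cvss
        return (not a.exploited, not a.disclosed, -score, a.cve)
    return sorted(advisories, key=key)


def patch_order(text: str) -> List[str]:
    """CVE IDs from `text`, in the order triage() would deploy them."""
    advisories, _ = parse_rows(text)
    return [a.cve for a in triage(advisories)]


if __name__ == "__main__":
    for adv in triage(parse_rows(SAMPLE_ROWS)[0]):
        print(adv.cve, adv.exploited, adv.disclosed, adv.cvss, adv.title)
```

On the sample, the three exploited entries rank ahead of both 9.8-scored items, which a sort on CVSS alone would not do.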

Bottom Line

Microsoft’s October 2023 Patch Tuesday fixes 105 flaws, including 3 zero-days and 12 critical remote code execution bugs, across Windows, Office, Exchange, and other products.

With 46 RCE and 26 elevation of privilege vulnerabilities patched, this is a substantial update that demands priority attention. Actively exploited zero-days in WordPad, Skype for Business, and HTTP/2 also need urgent action.

The 12 critical RCEs span Layer 2 Tunneling Protocol, Message Queuing, Virtual Trusted Platform Module, and other core Windows components. Additionally, information disclosure and denial of service issues received fixes.

Overall, Microsoft continues delivering large, complex patches on the second Tuesday of each month. Diligent testing and prompt deployment of these updates are essential for reducing organizational risk. Monitoring systems for patch compliance and unexpected behaviors after deployment is also advised.
