Service Notices
Microsoft Releases October 2023 Security Updates
Oct 13, 2023 GMT+08:00
I. Overview
Microsoft has released its October 2023 security updates. A total of 104 security vulnerabilities have been disclosed, among which 12 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to implement remote code execution, privilege escalation, and denial of service (DoS). The affected applications include Microsoft Windows, Microsoft Office, Microsoft Exchange Server and .NET.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2023-Oct
The following vulnerabilities have been exploited by attackers:
Microsoft Word Information Disclosure Vulnerability (CVE-2023-36563): 0-day vulnerability. A remote attacker would lure a user into opening a specially crafted file to trigger the vulnerability. Successful exploitation of this vulnerability can cause the disclosure of NTLM hashes. This vulnerability has been exploited in the wild, and the risk is high.
Skype for Business Elevation of Privilege Vulnerability (CVE-2023-41763): 0-day vulnerability. Unauthenticated remote attackers can exploit this vulnerability by sending specially crafted network calls to the target Skype for Business server. Successful exploitation of this vulnerability will result in the disclosure of sensitive information, which can be used to access the internal network. This vulnerability has been exploited in the wild, and the risk is high.
HTTP/2 DoS Vulnerability (CVE-2023-44487): 0-day vulnerability. Successful exploitation of this vulnerability will cause DDoS attacks on HTTP/2 servers. Specially constructed HTTP/2 requests can trigger high CPU usage within several seconds. An attacker could construct a large number of such requests to cause DoS on the target server. It has been exploited in the wild and the risk is high.
11 vulnerabilities (such as CVE-2023-36778, CVE-2023-36594, and CVE-2023-36731) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Microsoft Exchange Server, .NET, and other products.
IV. Vulnerability Details
|
CVE No. |
Vulnerability |
Severity |
Vulnerability Description |
|
CVE-2023-36718 |
Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability |
Important |
Successful exploitation of this vulnerability could result in remote code execution. |
|
CVE-2023-41773 |
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
Important |
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
|
CVE-2023-35349 |
Microsoft Message Queuing Remote Code Execution Vulnerability |
Important |
An authenticated attacker could induce a user on the target server to connect to a malicious server or compromises a legitimate MSMQ server host and makes it run as a malicious server. Successful exploitation of this vulnerability could result in remote code execution on the target server. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.