Microsoft’s July 2023 Patch Tuesday: 132 Vulnerabilities, 6 Zero-Days

Microsoft has released its July 2023 Patch Tuesday security updates, fixing 132 vulnerabilities. Read on to get the details.   

What vulnerabilities did Microsoft patch?  

The 132 vulnerabilities Microsoft patched include including 37 remote code execution vulnerabilities fixed, with nine of them rated as “Critical.” The most pressing patches addressed six actively exploited zero-day vulnerabilities. Here’s the complete list of zero-days:  

  • CVE-2023-32046 – A Windows MSHTML Platform Elevation of Privilege vulnerability. This flaw allows attackers to elevate privileges by opening a specially crafted file via email or visiting a malicious website.  
  • CVE-2023-32049 – A Windows SmartScreen Security Feature Bypass vulnerability that threat actors have exploited to prevent the display of the Open File – Security Warning prompt when downloading and opening files from the internet.  
  • CVE-2023-36874 – A Windows Error Reporting Service Elevation of Privilege vulnerability. This flaw, which has been actively exploited, enables threat actors to gain administrator privileges on the Windows device.  
  • CVE-2023-36884 – An Office and Windows HTML Remote Code Execution vulnerability. This publicly disclosed, unpatched zero-day allows remote code execution using specially crafted Microsoft Office documents. 
  • CVE-2023-35311 – A Microsoft Outlook Security Feature Bypass vulnerability. This actively exploited zero-day vulnerability in Microsoft Outlook bypasses security warnings and works in the preview pane. The discloser of this vulnerability wished to remain anonymous. 
  • ADV230001 – Guidance on Microsoft-signed drivers being used maliciously. Microsoft has revoked code-signing certificates and developer accounts that exploited a Windows policy loophole to install malicious kernel-mode drivers. This was in response to reports from Cisco Talos about abusing this loophole to sign malicious drivers to intercept browser traffic. Microsoft has suspended all associated developer accounts and revoked abused certificates.

The complete list of resolved vulnerabilities in the July 2023 Patch Tuesday updates can be found in the full report.  

What is Nuspire doing? 

Nuspire applies patches when they’re released in accordance with the vendor’s recommendations. 

How should I protect myself from these vulnerabilities? 

Organizations should review the July 2023 security updates, apply patches to affected systems as soon as possible, and regularly scan their environments to identify systems that need to be patched.  

  • Patching should focus on the six actively exploited vulnerabilities described above. 
  • Organizations can also review the individual CVEs from Microsoft to learn about any available workarounds or mitigations if they’re not able to immediately patch the vulnerabilities.  

Have you registered for our next event?