Microsoft August 2023 Patch Tuesday Warns of 2 Zero-Days, 87 Flaws

Cyber Security Threat Summary:
As part of the August Patch Tuesday, Microsoft patched 87 flaws, two of which were actively exploited zero-days. In total, the tech giant released fixes for 18 Elevation of Privilege vulnerabilities, 3 Security Feature Bypass vulnerabilities, 23 Remote Code Execution vulnerabilities, 10 Information Disclosure vulnerabilities, 8 Denial of Service vulnerabilities, and 12 Spoofing vulnerabilities. Out of the 87 flaws addressed, six have been rated critical in severity:

  • CVE-2023-36895: Microsoft Outlook Remote Code Execution Vulnerability
  • CVE-2023-29328: Microsoft Teams Remote Code Execution Vulnerability
  • CVE-2023-29330: Microsoft Teams Remote Code Execution Vulnerability
  • CVE-2023-35385: Microsoft Message Queuing Remote Code Execution Vulnerability
  • CVE-2023-36911: Microsoft Message Queuing Remote Code Execution Vulnerability
  • CVE-2023-36910: Microsoft Message Queuing Remote Code Execution Vulnerability

Security Officer Comments:
The first of the zero-days patched is tracked as CVE-2023-38180, a Denial of Service vulnerability affecting .NET applications and Visual Studio. Although Microsoft stated that this flaw was exploited in attacks, the technical details have not been released. Microsoft also issued an update to fix a bypass in a patch that was released for CVE-2023-36884, a Windows Search remote code execution vulnerability. A successful exploit of this flaw would allow threat actors to create specially crafted Microsoft Office documents that bypass the Mark of the Web security feature, so that the files open without displaying a security warning. In particular, the tech giant observed CVE-2023-36884 being exploited in the wild by RomCom, a Russia-based cybercriminal group, to target defense and government entities in Europe and North America. More details can be found below:

Suggested Correction(s):
Organizations should review the list of resolved vulnerabilities and apply the relevant patches as needed. To access the full list of vulnerabilities addressed, please use the link below: