This week marked the Redmond giant Microsoft’s monthly security updates for its products. With Patch Tuesday November, Microsoft addressed fewer vulnerabilities – over 60 only, including five zero-day flaws.
Five Zero-Days Patched With Latest Microsoft Updates
Microsoft addressed five different zero-day vulnerabilities with November Patch Tuesday updates.
Interestingly, none of these vulnerabilities lead to code execution, nor do they boast a critical severity rating. However, their public disclosure and active exploitation (for three of them) make them severe issues requiring immediate patching. These important severity vulnerabilities include the following.
- CVE-2023-36025 (CVSS 8.8): a security feature bypass in Windows SmartScreen that went under attack before a patch. An adversary could exploit this flaw by tricking the victim into clicking a maliciously crafted URL, after which the attacker could bypass Windows Defender SmartScreen prompts.
- CVE-2023-36038 (CVSS 8.2): a denial-of-service vulnerability impacting the ASP.NET Core. Despite public disclosure, Microsoft detected no exploitation attempts for this flaw.
- CVE-2023-36033 (CVSS 7.8): a privilege escalation vulnerability affecting the Windows DWM Core Library. Exploiting the flaw could let an attacker gain SYSTEM privileges. Microsoft confirmed detecting active exploitation of this vulnerability.
- CVE-2023-36036 (CVSS 7.8): another privilege escalation issue in the Windows Cloud Files Mini Filter Driver, allowing SYSTEM privileges. Microsoft confirmed finding this vulnerability under attack.
- CVE-2023-36413 (CVSS 6.5): another security feature bypass in Microsoft Office allowing an adversary to trick the victim into opening a maliciously crafted document in editing mode, bypassing the protected view.
Other Important November Patch Tuesday Updates From Microsoft
This month’s update bundle also addressed three critical severity issues alongside the zero-days. These include an information disclosure vulnerability affecting the Azure CLI REST Command (CVE-2023-36052; CVSS 8.6), a remote code execution vulnerability in the Windows Pragmatic General Multicast (PGM) (CVE-2023-36397; CVSS 9.8), and privilege escalation vulnerability impacting the Windows HMAC Key Derivation (CVE-2023-36400; CVSS 8.8).
In addition, the update bundle fixed 51 other important severity vulnerabilities and four moderate severity issues across different Microsoft products.
As the updates have been released publicly, users must rush to update their devices immediately to avoid potential threats.
Let us know your thoughts in the comments.