Microsoft Releases Software Updates as Part of its November Patch Tuesday

Microsoft has released software updates as part of its November Patch Tuesday. The updates fix 58 security vulnerabilities in total, including 5 zero-day vulnerabilities, three of those being exploited in the wild.

The breakdown of the vulnerabilities are as follows:

• 16 privilege escalation

• 6 security feature bypass

• 15 remote code execution

• 6 information disclosure

• 5 denial of service

• 11 spoofing

The three actively exploited zero-day vulnerabilities are as follows:

• CVE-2023-36036 - vulnerability in Windows Cloud Files Mini Filter that can lead to elevation of privilege

• CVE-2023-36761 - vulnerability in Windows DWM Core Library that can lead to elevation of privilege

• CVE-2023-36025 - vulnerability in Windows SmartScreen Security that allows an attacker to bypass security checks and warnings

The other two zero-day vulnerabilities are:

• CVE-2023-36413 - vulnerability in Office that allows an attacker to bypass security features

• CVE-2023-36038 - vulnerability in ASP.NET Core that can cause denial of service condition

Why Should You Care?

Vulnerabilities already being exploited in the wild means attackers are already attacking victims using that vulnerability, and it is only a matter of time they start attacking YOUR organization and infrastructure. It is crucial to take action ASAP to mitigate the vulnerability or at the very least reduce impact.

What Should You Do?

• Test the patches ASAP at your organization, and make sure it does not break any business applications

• Prioritize patching against the three actively exploited zero-days

• Next priority are the other two zero-days

• Roll out the rest of the Patch Tuesday updates

References

• https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2023-patch-tuesday-fixes-5-zero-days-58-flaws/