Microsoft has issued critical security updates to address vulnerabilities in Azure, Teams, Windows, and other software. These vulnerabilities could potentially enable attackers to execute malicious code. Windows administrators are urged to promptly install the updates to mitigate the risk.

Vulnerabilities

  • CVE-2023-29357 (risk: “critical”)
  • CVE-2023-29363 (risk: “critical”)
  • CVE-2023-32014 (risk: “critical”)
  • CVE-2023-32015 (risk: “critical”)

  • CVE-2023-32031 (risk: “high”)

  • Other vulnerabilities affecting .NET, Visual Studio, Excel, OneNote, Outlook, and other applications have been identified, posing a high threat level. Further information can be found in Microsoft’s Security Update Guide.

Critical security vulnerabilities

If attackers successfully exploit the SharePoint server vulnerability (CVE-2023-29357 “critical”), they could bypass authentication. If an attack is successful, attackers can elevate themselves as an admin. To do so, an attacker needs access to a JWT authentication token and could then launch an attack from within the network. No authentication is said to be required to initiate the attack, and a victim does not have to play along.

Microsoft states that systems with the AMSI integration feature and Defender enabled should not be vulnerable. Nevertheless, admins should install the security update.

PGM is vulnerable via three “critical” vulnerabilities (CVE-2023-29363, CVE-2023-32014 , CVE-2023-32015 ). Attacks are said to be possible remotely without authentication. PGM is not active by default, but on many systems the multicast transport protocol is used.

Security patches levered

A new Exchange vulnerability (CVE-2023-32031 “high”) once again resides in the ProxyNotShell context. Security researchers from Trend Micro’s Zero Day Initiative state that the vulnerability bypasses previous security updates against ProxyNotShell vulnerabilities (CVE-2023-41082, CVE-2023-21529). Due to insufficient checks, an authenticated attacker could push and execute malicious code on systems.

Other vulnerabilities

Several vulnerabilities affect .NET and Visual Studio. Attackers could use this for DoS or malware attacks. The threat level is set at “high”. Attackers could also target Excel, OneNote, Outlook and even more applications. Microsoft lists more information about the vulnerabilities in the Security Update Guide.

Sources

Contact & Information

Do you have suggestions for improvement or would you like to have an article translated / created? Please contact me!