Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The July 2023 edition of Patch Tuesday brings us 130 new fixes, with 9 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the July 2023 Patch Tuesday Audit Report
Five Microsoft SharePoint Vulnerabilities
Just like last month, the most noteworthy fixes are for SharePoint. Sharepoint got a total of 5 vulnerabilities fixed, two of which are critical.
CVE-2023-33157 is the most severe of the five. A Remote Code Execution (RCE) vulnerability in Sharepoint Server that is “more likely” to be exploited according to Microsoft. To exploit this vulnerability, an attacker will need to be authenticated and also a site member (and have the Manage List permissions), so there are some prerequisites. If these two conditions are both achieved, it is possible for the attacker to execute code remotely.
CVE-2023-33160 is the second most severe vulnerability. While it also have the same CVSS base score of 8.8, it is not as likely to be exploited. The prerequisites of this vulnerability are similar to the one above and if exploited it can lead to “a remote attack that could enable access to the victim’s information and the ability to alter information. Successful exploitation could also potentially cause downtime for the targeted environment.“
The other vulnerabilities, CVE-2023-33165, CVE-2023-33159, and CVE-2023-33134 are less severe according to Microsoft and range from a CVSS base score of 4.4 to 8.8. These vulnerabilities are a security feature bypass, spoofing and a second RCE vulnerability.
Three Windows Remote Desktop Vulnerabilities
The second set of vulnerabilities that pose a high risk are in the Windows Remote Desktop. CVE-2023-35352 is the most critical vulnerability simply listed as a security feature bypass vulnerability. Information is rather scarce for this vulnerability, Microsoft lists that exploitation is “more likely”, which indicates there is a significant risk. Aside from that all we get regarding the vulnerability is what happens if it is exploited.
An attacker who successfully exploited the vulnerability could bypass certificate or private key authentication when establishing a remote desktop protocol session.
The remaining two vulnerabilities, CVE-2023-32043 and CVE-2023-35332 both have a CVSS base score of 6.8. With these vulnerabilities we at least get some idea of which security features are being bypassed. Specifically, the certificate validation performed when a targeted user connects to a trusted server and the usage of the Datagram Transport Layer Security (DTLS) version 1.0 protocol.
Run the Patch Tuesday July 2023 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday July 2023 CVE Codes & Titles
| CVE Number | CVE Title |
| CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability |
| CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability |
| CVE-2023-36871 | Azure Active Directory Security Feature Bypass Vulnerability |
| CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability |
| CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability |
| CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability |
| CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability |
| CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2023-35364 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35363 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35362 | Windows Clip Service Elevation of Privilege Vulnerability |
| CVE-2023-35361 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35360 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35358 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35357 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35356 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35353 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
| CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability |
| CVE-2023-35351 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability |
| CVE-2023-35350 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability |
| CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability |
| CVE-2023-35347 | Microsoft Install Service Elevation of Privilege Vulnerability |
| CVE-2023-35346 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2023-35345 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2023-35344 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2023-35343 | Windows Geolocation Service Remote Code Execution Vulnerability |
| CVE-2023-35342 | Windows Image Acquisition Elevation of Privilege Vulnerability |
| CVE-2023-35341 | Microsoft DirectMusic Information Disclosure Vulnerability |
| CVE-2023-35340 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
| CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability |
| CVE-2023-35338 | Windows Peer Name Resolution Protocol Denial of Service Vulnerability |
| CVE-2023-35337 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-35336 | Windows MSHTML Platform Security Feature Bypass Vulnerability |
| CVE-2023-35335 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability |
| CVE-2023-35332 | Windows Remote Desktop Protocol Security Feature Bypass |
| CVE-2023-35331 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| CVE-2023-35330 | Windows Extended Negotiation Denial of Service Vulnerability |
| CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability |
| CVE-2023-35328 | Windows Transaction Manager Elevation of Privilege Vulnerability |
| CVE-2023-35326 | Windows CDP User Components Information Disclosure Vulnerability |
| CVE-2023-35325 | Windows Print Spooler Information Disclosure Vulnerability |
| CVE-2023-35324 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-35323 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2023-35322 | Windows Deployment Services Remote Code Execution Vulnerability |
| CVE-2023-35321 | Windows Deployment Services Denial of Service Vulnerability |
| CVE-2023-35320 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
| CVE-2023-35319 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-35318 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-35317 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
| CVE-2023-35316 | Remote Procedure Call Runtime Information Disclosure Vulnerability |
| CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability |
| CVE-2023-35314 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-35313 | Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability |
| CVE-2023-35312 | Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability |
| CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability |
| CVE-2023-35310 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2023-35309 | Microsoft Message Queuing Remote Code Execution Vulnerability |
| CVE-2023-35308 | Windows MSHTML Platform Security Feature Bypass Vulnerability |
| CVE-2023-35306 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-35305 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35304 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35303 | USB Audio Class System Driver Remote Code Execution Vulnerability |
| CVE-2023-35302 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| CVE-2023-35300 | Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| CVE-2023-35299 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability |
| CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-35296 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-33174 | Windows Cryptographic Information Disclosure Vulnerability |
| CVE-2023-33173 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33172 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33171 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability |
| CVE-2023-33169 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33168 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33167 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33166 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33165 | Microsoft SharePoint Server Security Feature Bypass Vulnerability |
| CVE-2023-33164 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-33163 | Windows Network Load Balancing Remote Code Execution Vulnerability |
| CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability |
| CVE-2023-33161 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-33159 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2023-33158 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability |
| CVE-2023-33155 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-33154 | Windows Partition Management Driver Elevation of Privilege Vulnerability |
| CVE-2023-33153 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2023-33152 | Microsoft ActiveX Remote Code Execution Vulnerability |
| CVE-2023-33151 | Microsoft Outlook Spoofing Vulnerability |
| CVE-2023-33150 | Microsoft Office Security Feature Bypass Vulnerability |
| CVE-2023-33149 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2023-33148 | Microsoft Office Elevation of Privilege Vulnerability |
| CVE-2023-33134 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-33127 | .NET and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2023-32085 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-32084 | HTTP.sys Denial of Service Vulnerability |
| CVE-2023-32083 | Microsoft Failover Cluster Information Disclosure Vulnerability |
| CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability |
| CVE-2023-32056 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
| CVE-2023-32055 | Active Template Library Elevation of Privilege Vulnerability |
| CVE-2023-32054 | Volume Shadow Copy Elevation of Privilege Vulnerability |
| CVE-2023-32053 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-32052 | Microsoft Power Apps Spoofing Vulnerability |
| CVE-2023-32051 | Raw Image Extension Remote Code Execution Vulnerability |
| CVE-2023-32050 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability |
| CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability |
| CVE-2023-32045 | Microsoft Message Queuing Denial of Service Vulnerability |
| CVE-2023-32044 | Microsoft Message Queuing Denial of Service Vulnerability |
| CVE-2023-32043 | Windows Remote Desktop Security Feature Bypass Vulnerability |
| CVE-2023-32042 | OLE Automation Information Disclosure Vulnerability |
| CVE-2023-32041 | Windows Update Orchestrator Service Information Disclosure Vulnerability |
| CVE-2023-32040 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-32039 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-32038 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-32037 | Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability |
| CVE-2023-32035 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-32034 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-32033 | Microsoft Failover Cluster Remote Code Execution Vulnerability |
| CVE-2023-32028 | Microsoft OLE DB Remote Code Execution Vulnerability |
| CVE-2023-32027 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-32026 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-32025 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-29356 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-29349 | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability |
| CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2023-21756 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2023-21526 | Windows Netlogon Information Disclosure Vulnerability |
| CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability |
| CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability |
"*" indicates required fields
Receive the Latest Patch Tuesday Report for FREE Every Month
