Skip to main content

Microsoft Releases November 2023 Security Updates

Scheduled updates for Microsoft products, including security updates for five zero-day vulnerabilities with three being exploited

Threat ID:
CC-4408
Threat Severity:
Medium
Published:
15 November 2023 1:31 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products, including security updates for five zero-day vulnerabilities with three being exploited

Affected platforms

The following platforms are known to be affected:

Microsoft Office

Microsoft Exchange Server

The following platforms are also known to be affected:

  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Windows Scripting
  • Visual Studio Code
  • Azure
  • Windows SmartScreen
  • Windows Protected EAP (PEAP)
  • Windows DWM Core Library
  • Microsoft Exchange Server
  • Windows Cloud Files Mini Filter Driver
  • Microsoft Office Excel
  • ASP.NET
  • Visual Studio
  • Open Management Infrastructure
  • Microsoft Office
  • Windows Authentication Methods
  • .NET Framework
  • Windows DHCP Server
  • Tablet Windows User Interface
  • Microsoft Windows Search Component
  • Windows Deployment Services
  • Windows Compressed Folder
  • Windows Internet Connection Sharing (ICS)
  • Windows NTFS
  • Windows Storage
  • Windows HMAC Key Derivation
  • Microsoft Remote Registry Service
  • Microsoft WDAC OLE DB provider for SQL
  • Windows Kernel
  • Windows Hyper-V
  • Microsoft Office SharePoint
  • Windows Defender
  • Windows Common Log File System Driver
  • Windows Distributed File System (DFS)
  • Azure DevOps
  • ASP.NET
  • Windows Installer
  • Microsoft Windows Speech

Threat details

Introduction

Microsoft has released security updates to address 63 vulnerabilities, including five zero-day vulnerabilities with three being exploited. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Exploitation in the wild of CVE-2023-36036, CVE-2023-36033 and CVE-2023-36025

CVE-2023-36036 is a privilege escalation vulnerability in Windows DWM Core Library which is actively being exploited in the wild. An attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2023-36033 is a privilege escalation vulnerability in Windows Cloud Files Mini Filter Driver which is actively being exploited in the wild. An attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2023-36025 is a security feature bypass vulnerability in Windows SmartScreen which is actively being exploited in the wild. An attack that exploits this bug would be able to bypass Windows Defender SmartScreen checks and other prompts.

Remediation advice

Affected organisations are encouraged to review Microsoft’s November 2023 Security Update Summary and apply the relevant updates.

Last edited: 15 November 2023 1:40 pm