Microsoft's September 2023 Patch Tuesday has been rolled out, addressing a total of 59 vulnerabilities, two of which are zero-day flaws currently under active exploitation. As in every month, Patch Tuesday is about shoring up Microsoft's services against security issues and bugs.
The two zero-day vulnerabilities that have been actively exploited are:
- CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Successful exploitation of this flaw allows attackers to gain SYSTEM privileges.
- CVE-2023-36761 – Microsoft Word Information Disclosure Vulnerability. This vulnerability can be exploited by attackers to disclose NTLM hashes.
Of the total vulnerabilities addressed, five were rated as ‘Critical’, 55 as ‘Important’, and one as ‘Moderate’. The critical vulnerabilities include four remote code execution flaws and an Azure Kubernetes Service elevation of privilege vulnerability.
Additional Insights from the Patch
Apart from the main vulnerabilities, the company also addressed two external bugs and four Chromium bugs. The total count of 59 flaws does not include five Microsoft Edge (Chromium) vulnerabilities and two non-Microsoft flaws in Electron and Autodesk.
Microsoft's Patch Tuesday for September 2023 also saw security updates for various products, including Microsoft Windows and its components, Exchange Server, Office and its components, .NET and Visual Studio, Azure, Microsoft Dynamics, and Windows Defender.
Standalone Defender Vulnerability Management Tool
Last month, Microsoft announced a standalone vulnerability management tool for Microsoft Defender. This means the vulnerability manager can now be accessed outside of Microsoft/Windows Defender. Previously, the service was only accessible as part of Microsoft Defender for Endpoint, a comprehensive endpoint security solution that includes threat detection, investigation, response and remediation capabilities.
Microsoft Defender Vulnerability Management is a service that helps organizations discover, prioritize, and remediate security vulnerabilities across their IT assets. According to Microsoft, the standalone service provides the same benefits as the integrated one.