⚡ TL;DR | Go Straight to the November 2023 Patch Tuesday Audit Report
Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The November 2023 edition of Patch Tuesday brings us 58 new fixes, with 4 rated as critical. We’ve listed the most important changes below.
Windows DWM Core Library Vulnerability
This week CVE-2023-36033 is one of the most critical vulnerabilities. While not having the highest CVSS base score, „only“ a 7.8, Microsoft does list that an exploit for this vulnerability has been detected. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges, so its important that you adress this vulnerability ASAP.
Aside from this info, Microsoft hasn’t revealed much more about the vulnerability, presumably to prevent further exploitation as people get to patching their devices.
Microsoft PEAP Remote Code Execution Vulnerability
The Protected Extensible Authentication Protocol (PEAP) vulnerability has one of the highest CVSS scores this month clocking in at a whopping 9.8. CVE-2023-36028 allows an unauthenticated attacker to attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network.
Luckily this does require you to utilize a Network Policy Server, so if you’re not using that, you’re in the clear.
Windows PGM Remote Code Execution Vulnerability
The last important vulnerability is one in the Windows Pragmatic General Multicast. CVE-2023-36397 also has a CVSS base score of 9.8 but als has a specific condition to it in order to exploit. The Windows message queuing service must be running in a PGM Server environment, if this is the casem an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.
If you’re looking for an overview of all your servers that have the MSMQ service enabled, you can use our Windows Server MSMQ Server Feature Audit.
Run the Patch Tuesday November 2023 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday November 2023 CVE Codes & Titles
Patch Tuesday November 2023 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2023-36049 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
CVE-2023-36560 | ASP.NET Security Feature Bypass Vulnerability |
CVE-2023-36558 | ASP.NET Core – Security Feature Bypass Vulnerability |
CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability |
CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability |
CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability |
CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability |
CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability |
CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability |
CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
CVE-2023-36007 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability |
CVE-2023-36030 | Microsoft Dynamics 365 Sales Spoofing Vulnerability |
CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability |
CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2023-36413 | Microsoft Office Security Feature Bypass Vulnerability |
CVE-2023-36045 | Microsoft Office Graphics Remote Code Execution Vulnerability |
CVE-2023-36041 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability |
CVE-2023-38177 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2023-36423 | Microsoft Remote Registry Service Remote Code Execution Vulnerability |
CVE-2023-36401 | Microsoft Remote Registry Service Remote Code Execution Vulnerability |
CVE-2023-36402 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
CVE-2023-36394 | Windows Search Service Elevation of Privilege Vulnerability |
CVE-2023-36719 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability |
CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability |
CVE-2023-36393 | Windows User Interface Application Core Remote Code Execution Vulnerability |
CVE-2023-36042 | Visual Studio Denial of Service Vulnerability |
CVE-2023-36018 | Visual Studio Code Jupyter Extension Spoofing Vulnerability |
CVE-2023-36428 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability |
CVE-2023-36047 | Windows Authentication Elevation of Privilege Vulnerability |
CVE-2023-36046 | Windows Authentication Denial of Service Vulnerability |
CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
CVE-2023-36424 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
CVE-2023-36396 | Windows Compressed Folder Remote Code Execution Vulnerability |
CVE-2023-36422 | Microsoft Windows Defender Elevation of Privilege Vulnerability |
CVE-2023-36395 | Windows Deployment Services Denial of Service Vulnerability |
CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability |
CVE-2023-36425 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability |
CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability |
CVE-2023-36427 | Windows Hyper-V Elevation of Privilege Vulnerability |
CVE-2023-36408 | Windows Hyper-V Elevation of Privilege Vulnerability |
CVE-2023-36407 | Windows Hyper-V Elevation of Privilege Vulnerability |
CVE-2023-36406 | Windows Hyper-V Information Disclosure Vulnerability |
CVE-2023-36705 | Windows Installer Elevation of Privilege Vulnerability |
CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-36405 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-36404 | Windows Kernel Information Disclosure Vulnerability |
CVE-2023-36403 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-36398 | Windows NTFS Information Disclosure Vulnerability |
CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
CVE-2023-36017 | Windows Scripting Engine Memory Corruption Vulnerability |
CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability |
CVE-2023-36399 | Windows Storage Elevation of Privilege Vulnerability |