Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The June 2023 edition of Patch Tuesday brings us 78 new fixes, with 6 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the June 2023 Patch Tuesday Audit Report
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Just like last month, the most noteworthy fixes are for SharePoint. Sharepoint got a total of 5 vulnerabilities fixed, one of which is critical.
CVE-2023-29357 is the most critical of the five with a CVSS base score of 9.8 and exploitation being listed as «More Likely». However, this does come with a sidenote. If you have the AMSI integration feature enabled and use Microsoft Defender across your SharePoint Server farm(s) you are protected.
For the ones that do not, attackers who successfully exploited this vulnerability could gain administrator privileges. An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user without requiring privileges or user interaction.
The other vulnerabilities, CVE-2023-33129, CVE-2023-33130, CVE-2023-33132, and CVE-2023-33142 range from having a CVSS base score of 7.3 to 6.3 and are less likely to be exploited. They contain one denial of service, two spoofing, and one elevation of privilege vulnerability.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-28310 and CVE-2023-32031 are two RCE vulnerabilities that were fixed for Exchange. With a CVSS base score of 8 and 8.8, and not getting the critical tag from Microsoft, they are not the most severe vulnerabilities this month however, they shouldn’t be overlooked as they are the more likely targets of attackers.
For both vulnerabilities, the attacker does require authentication which is likely why they did not receive the critical tag. If authenticated, an attacker exploiting CVE-2023-28310 can achieve remote code execution via a PowerShell remoting session. If CVE-2023-32031 is exploited, the attacker would attempt to trigger malicious code in the context of the server’s account through a network call.
Run the Patch Tuesday June 2023 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday June 2023 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2023-33146 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2023-33145 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
CVE-2023-33144 | Visual Studio Code Spoofing Vulnerability |
CVE-2023-33142 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
CVE-2023-33141 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability |
CVE-2023-33140 | Microsoft OneNote Spoofing Vulnerability |
CVE-2023-33139 | Visual Studio Information Disclosure Vulnerability |
CVE-2023-33137 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2023-33135 | .NET and Visual Studio Elevation of Privilege Vulnerability |
CVE-2023-33133 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2023-33132 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2023-33131 | Microsoft Outlook Remote Code Execution Vulnerability |
CVE-2023-33130 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2023-33129 | Microsoft SharePoint Denial of Service Vulnerability |
CVE-2023-33128 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2023-33126 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2023-32032 | .NET and Visual Studio Elevation of Privilege Vulnerability |
CVE-2023-32031 | Microsoft Exchange Server Remote Code Execution Vulnerability |
CVE-2023-32030 | .NET and Visual Studio Denial of Service Vulnerability |
CVE-2023-32029 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2023-32024 | Microsoft Power Apps Spoofing Vulnerability |
CVE-2023-32022 | Windows Server Service Security Feature Bypass Vulnerability |
CVE-2023-32021 | Windows SMB Witness Service Security Feature Bypass Vulnerability |
CVE-2023-32020 | Windows DNS Spoofing Vulnerability |
CVE-2023-32019 | Windows Kernel Information Disclosure Vulnerability |
CVE-2023-32018 | Windows Hello Remote Code Execution Vulnerability |
CVE-2023-32017 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability |
CVE-2023-32016 | Windows Installer Information Disclosure Vulnerability |
CVE-2023-32015 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-32014 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-32013 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2023-32012 | Windows Container Manager Service Elevation of Privilege Vulnerability |
CVE-2023-32011 | Windows iSCSI Discovery Service Denial of Service Vulnerability |
CVE-2023-32010 | Windows Bus Filter Driver Elevation of Privilege Vulnerability |
CVE-2023-32009 | Windows Collaborative Translation Framework Elevation of Privilege Vulnerability |
CVE-2023-32008 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
CVE-2023-29373 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2023-29372 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
CVE-2023-29371 | Windows GDI Elevation of Privilege Vulnerability |
CVE-2023-29370 | Windows Media Remote Code Execution Vulnerability |
CVE-2023-29369 | Remote Procedure Call Runtime Denial of Service Vulnerability |
CVE-2023-29368 | Windows Filtering Platform Elevation of Privilege Vulnerability |
CVE-2023-29367 | iSCSI Target WMI Provider Remote Code Execution Vulnerability |
CVE-2023-29366 | Windows Geolocation Service Remote Code Execution Vulnerability |
CVE-2023-29365 | Windows Media Remote Code Execution Vulnerability |
CVE-2023-29364 | Windows Authentication Elevation of Privilege Vulnerability |
CVE-2023-29363 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
CVE-2023-29362 | Remote Desktop Client Remote Code Execution Vulnerability |
CVE-2023-29361 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
CVE-2023-29360 | Windows TPM Device Driver Elevation of Privilege Vulnerability |
CVE-2023-29359 | GDI Elevation of Privilege Vulnerability |
CVE-2023-29358 | Windows GDI Elevation of Privilege Vulnerability |
CVE-2023-29357 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
CVE-2023-29355 | DHCP Server Service Information Disclosure Vulnerability |
CVE-2023-29353 | Sysinternals Process Monitor for Windows Denial of Service Vulnerability |
CVE-2023-29352 | Windows Remote Desktop Security Feature Bypass Vulnerability |
CVE-2023-29351 | Windows Group Policy Elevation of Privilege Vulnerability |
CVE-2023-29346 | NTFS Elevation of Privilege Vulnerability |
CVE-2023-29337 | NuGet Client Remote Code Execution Vulnerability |
CVE-2023-29331 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
CVE-2023-29326 | .NET Framework Remote Code Execution Vulnerability |
CVE-2023-29012 | GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it exists |
CVE-2023-29011 | GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing |
CVE-2023-29007 | GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit` |
CVE-2023-28310 | Microsoft Exchange Server Remote Code Execution Vulnerability |
CVE-2023-27911 | AutoDesk: CVE-2023-27911 Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior |
CVE-2023-27910 | AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior |
CVE-2023-27909 | AutoDesk: CVE-2023-27909 Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior |
CVE-2023-25815 | GitHub: CVE-2023-25815 Git looks for localized messages in an unprivileged place |
CVE-2023-25652 | GitHub: CVE-2023-25652 «git apply –reject» partially-controlled arbitrary file write |
CVE-2023-24938 | Windows CryptoAPI Denial of Service Vulnerability |
CVE-2023-24937 | Windows CryptoAPI Denial of Service Vulnerability |
CVE-2023-24936 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
CVE-2023-24896 | Dynamics 365 Finance Spoofing Vulnerability |
CVE-2023-24895 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
CVE-2023-24880 | Windows SmartScreen Security Feature Bypass Vulnerability |
CVE-2023-23398 | Microsoft Excel Spoofing Vulnerability |
CVE-2023-23396 | Microsoft Excel Denial of Service Vulnerability |
CVE-2023-23383 | Service Fabric Explorer Spoofing Vulnerability |
CVE-2023-21569 | Azure DevOps Server Spoofing Vulnerability |
CVE-2023-21565 | Azure DevOps Server Spoofing Vulnerability |
CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability |
CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2021-34527 | Windows Print Spooler Remote Code Execution Vulnerability |
"*" señala los campos obligatorios
Receive the Latest Patch Tuesday Report for FREE Every Month