PRUEBA AHORA
Patch Tuesday

Microsoft Patch Tuesday – November 2023

5 min. read
14/11/2023
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

⚡ TL;DR | Go Straight to the November 2023 Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The November 2023 edition of Patch Tuesday brings us 58 new fixes, with 4 rated as critical. We’ve listed the most important changes below.

Windows DWM Core Library Vulnerability

This week CVE-2023-36033 is one of the most critical vulnerabilities. While not having the highest CVSS base score, «only» a 7.8, Microsoft does list that an exploit for this vulnerability has been detected. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges, so its important that you adress this vulnerability ASAP.

Aside from this info, Microsoft hasn’t revealed much more about the vulnerability, presumably to prevent further exploitation as people get to patching their devices.

Microsoft PEAP Remote Code Execution Vulnerability

The Protected Extensible Authentication Protocol (PEAP) vulnerability has one of the highest CVSS scores this month clocking in at a whopping 9.8. CVE-2023-36028 allows an unauthenticated attacker to attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network.

Luckily this does require you to utilize a Network Policy Server, so if you’re not using that, you’re in the clear.

Windows PGM Remote Code Execution Vulnerability

The last important vulnerability is one in the Windows Pragmatic General Multicast. CVE-2023-36397 also has a CVSS base score of 9.8 but als has a specific condition to it in order to exploit. The Windows message queuing service must be running in a PGM Server environment, if this is the casem an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.

If you’re looking for an overview of all your servers that have the MSMQ service enabled, you can use our Windows Server MSMQ Server Feature Audit.

Run the Patch Tuesday November 2023 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday November 2023 CVE Codes & Titles

Patch Tuesday November 2023 CVE Codes & Titles

CVE NumberCVE Title
CVE-2023-36049.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-36560ASP.NET Security Feature Bypass Vulnerability
CVE-2023-36558ASP.NET Core – Security Feature Bypass Vulnerability
CVE-2023-36038ASP.NET Core Denial of Service Vulnerability
CVE-2023-38151Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
CVE-2023-36052Azure CLI REST Command Information Disclosure Vulnerability
CVE-2023-36021Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability
CVE-2023-36437Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-24023Mitre: CVE-2023-24023 Bluetooth Vulnerability
CVE-2023-36410Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36031Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36016Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36007Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
CVE-2023-36030Microsoft Dynamics 365 Sales Spoofing Vulnerability
CVE-2023-36439Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36050Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36039Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36035Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36413Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-36045Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2023-36041Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-36037Microsoft Excel Security Feature Bypass Vulnerability
CVE-2023-38177Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-36423Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36401Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36402Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36394Windows Search Service Elevation of Privilege Vulnerability
CVE-2023-36719Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVE-2023-36043Open Management Infrastructure Information Disclosure Vulnerability
CVE-2023-36393Windows User Interface Application Core Remote Code Execution Vulnerability
CVE-2023-36042Visual Studio Denial of Service Vulnerability
CVE-2023-36018Visual Studio Code Jupyter Extension Spoofing Vulnerability
CVE-2023-36428Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2023-36047Windows Authentication Elevation of Privilege Vulnerability
CVE-2023-36046Windows Authentication Denial of Service Vulnerability
CVE-2023-36036Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-36424Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-36396Windows Compressed Folder Remote Code Execution Vulnerability
CVE-2023-36422Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2023-36395Windows Deployment Services Denial of Service Vulnerability
CVE-2023-36392DHCP Server Service Denial of Service Vulnerability
CVE-2023-36425Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2023-36033Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2023-36400Windows HMAC Key Derivation Elevation of Privilege Vulnerability
CVE-2023-36427Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36408Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36407Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36406Windows Hyper-V Information Disclosure Vulnerability
CVE-2023-36705Windows Installer Elevation of Privilege Vulnerability
CVE-2023-36397Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-36405Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36404Windows Kernel Information Disclosure Vulnerability
CVE-2023-36403Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36398Windows NTFS Information Disclosure Vulnerability
CVE-2023-36028Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-36017Windows Scripting Engine Memory Corruption Vulnerability
CVE-2023-36025Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-36399Windows Storage Elevation of Privilege Vulnerability