Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The October 2023 edition of Patch Tuesday brings us 104 new fixes, with 13 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the October 2023 Patch Tuesday Audit Report
Microsoft Message Queuing Remote Code Execution Vulnerability
One of the most critical vulnerabilities lies in the Windows Message Queuing component. CVE-2023-35349 has a CVSS base score of 9.8 however in order to exploit the vulnerability, the Windows message queuing service must be installed. If the message queuing service is installed and an attacker exploits this vulnerability, it could allow an unauthenticated attacker to remotely execute code on the target server.
On top of the critical vulnerability, the MSMQ service had a total of 19 other vulnerabilities fixed! If you’re looking for an overview of all your servers that have the MSMQ service enabled, you can use our Windows Server MSMQ Server Feature Audit.
Layer 2 Tunneling Protocol RCE Vulnerabilities
A whopping nine vulnerabilities were fixed in the Layer 2 Tunneling Protocol, all with a CVSS base score of 8.1. All of them are rated as critical by Microsoft. However, an attacker needs to send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server to exploit the vulnerability.
Six SQL Server Vulnerabilities
A total of six vulnerabilities were fixed for SQL server. One Denial of Service vulnerability and five RCE vulnerabilities. For successful exploitation of the RCE, an attacker would have to trick an authenticated user into attempting to connect to a malicious SQL server via a connection driver.
To quickly get an overview of all of your SQL servers, you can use our SQL Server Role Audit to get an overview.
Run the Patch Tuesday October 2023 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Run the October Patch Tuesday Audit
Patch Tuesday October 2023 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2023-44487 | MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack |
CVE-2023-41774 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41773 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41772 | Win32k Elevation of Privilege Vulnerability |
CVE-2023-41771 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41770 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41769 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41768 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41767 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41766 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
CVE-2023-41765 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability |
CVE-2023-38171 | Microsoft QUIC Denial of Service Vulnerability |
CVE-2023-38166 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2023-38159 | Windows Graphics Component Elevation of Privilege Vulnerability |
CVE-2023-36902 | Windows Runtime Remote Code Execution Vulnerability |
CVE-2023-36796 | Visual Studio Remote Code Execution Vulnerability |
CVE-2023-36794 | Visual Studio Remote Code Execution Vulnerability |
CVE-2023-36793 | Visual Studio Remote Code Execution Vulnerability |
CVE-2023-36792 | Visual Studio Remote Code Execution Vulnerability |
CVE-2023-36790 | Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability |
CVE-2023-36789 | Skype for Business Remote Code Execution Vulnerability |
CVE-2023-36786 | Skype for Business Remote Code Execution Vulnerability |
CVE-2023-36785 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
CVE-2023-36780 | Skype for Business Remote Code Execution Vulnerability |
CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability |
CVE-2023-36776 | Win32k Elevation of Privilege Vulnerability |
CVE-2023-36743 | Win32k Elevation of Privilege Vulnerability |
CVE-2023-36737 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability |
CVE-2023-36732 | Win32k Elevation of Privilege Vulnerability |
CVE-2023-36731 | Win32k Elevation of Privilege Vulnerability |
CVE-2023-36730 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
CVE-2023-36729 | Named Pipe File System Elevation of Privilege Vulnerability |
CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability |
CVE-2023-36726 | Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability |
CVE-2023-36725 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-36724 | Windows Power Management Service Information Disclosure Vulnerability |
CVE-2023-36723 | Windows Container Manager Service Elevation of Privilege Vulnerability |
CVE-2023-36722 | Active Directory Domain Services Information Disclosure Vulnerability |
CVE-2023-36721 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
CVE-2023-36720 | Windows Mixed Reality Developer Tools Denial of Service Vulnerability |
CVE-2023-36718 | Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability |
CVE-2023-36717 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability |
CVE-2023-36713 | Windows Common Log File System Driver Information Disclosure Vulnerability |
CVE-2023-36712 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2023-36711 | Windows Runtime C++ Template Library Elevation of Privilege Vulnerability |
CVE-2023-36710 | Windows Media Foundation Core Remote Code Execution Vulnerability |
CVE-2023-36709 | Microsoft AllJoyn API Denial of Service Vulnerability |
CVE-2023-36707 | Windows Deployment Services Denial of Service Vulnerability |
CVE-2023-36706 | Windows Deployment Services Information Disclosure Vulnerability |
CVE-2023-36704 | Windows Setup Files Cleanup Remote Code Execution Vulnerability |
CVE-2023-36703 | DHCP Server Service Denial of Service Vulnerability |
CVE-2023-36702 | Microsoft DirectMusic Remote Code Execution Vulnerability |
CVE-2023-36701 | Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability |
CVE-2023-36698 | Windows Kernel Security Feature Bypass Vulnerability |
CVE-2023-36697 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36606 | Microsoft Message Queuing Denial of Service Vulnerability |
CVE-2023-36605 | Windows Named Pipe Filesystem Elevation of Privilege Vulnerability |
CVE-2023-36603 | Windows TCP/IP Denial of Service Vulnerability |
CVE-2023-36602 | Windows TCP/IP Denial of Service Vulnerability |
CVE-2023-36598 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability |
CVE-2023-36596 | Remote Procedure Call Information Disclosure Vulnerability |
CVE-2023-36594 | Windows Graphics Component Elevation of Privilege Vulnerability |
CVE-2023-36593 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36592 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36591 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36590 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36589 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36585 | Active Template Library Denial of Service Vulnerability |
CVE-2023-36584 | Windows Mark of the Web Security Feature Bypass Vulnerability |
CVE-2023-36583 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36582 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36581 | Microsoft Message Queuing Denial of Service Vulnerability |
CVE-2023-36579 | Microsoft Message Queuing Denial of Service Vulnerability |
CVE-2023-36578 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36577 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
CVE-2023-36576 | Windows Kernel Information Disclosure Vulnerability |
CVE-2023-36575 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36574 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36573 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36572 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36571 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36570 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-36569 | Microsoft Office Elevation of Privilege Vulnerability |
CVE-2023-36568 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability |
CVE-2023-36567 | Windows Deployment Services Information Disclosure Vulnerability |
CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability |
CVE-2023-36565 | Microsoft Office Graphics Elevation of Privilege Vulnerability |
CVE-2023-36564 | Windows Search Security Feature Bypass Vulnerability |
CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability |
CVE-2023-36561 | Azure DevOps Server Elevation of Privilege Vulnerability |
CVE-2023-36557 | PrintHTML API Remote Code Execution Vulnerability |
CVE-2023-36438 | Windows TCP/IP Information Disclosure Vulnerability |
CVE-2023-36436 | Windows MSHTML Platform Remote Code Execution Vulnerability |
CVE-2023-36435 | Microsoft QUIC Denial of Service Vulnerability |
CVE-2023-36434 | Windows IIS Server Elevation of Privilege Vulnerability |
CVE-2023-36433 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
CVE-2023-36431 | Microsoft Message Queuing Denial of Service Vulnerability |
CVE-2023-36429 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
CVE-2023-36420 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability |
CVE-2023-36418 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2023-36417 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability |
CVE-2023-36416 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability |
CVE-2023-36414 | Azure Identity SDK Remote Code Execution Vulnerability |
CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability |
CVE-2023-29348 | Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability |
CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability |