Microsoft Monthly Security Update (October 2023)

Release Date: 11 Oct 2023 3846 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserLow Risk Low Risk  
WindowsExtremely High Risk Extremely High RiskRemote Code Execution
Denial of Service
Elevation of Privilege
Information Disclosure
Security Restriction Bypass

CVE-2023-36563 is being exploited in the wild.

 

CVE-2023-44487 is being exploited in the wild. 

Extended Security Updates (ESU)Medium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure
Denial of Service
Security Restriction Bypass

CVE-2023-36563 is being exploited in the wild. 

Developer ToolsExtremely High Risk Extremely High RiskDenial of Service
Elevation of Privilege

CVE-2023-44487 is being exploited in the wild. 

AzureMedium Risk Medium RiskElevation of Privilege
Remote Code Execution		 
Microsoft OfficeHigh Risk High RiskElevation of Privilege
Remote Code Execution

CVE-2023-41763 is being exploited in the wild.

SQL ServerMedium Risk Medium RiskRemote Code Execution
Denial of Service		 
Microsoft DynamicsMedium Risk Medium RiskInformation Disclosure
Denial of Service
Spoofing		 
Exchange ServerMedium Risk Medium RiskRemote Code Execution 

 

Number of 'Extremely High Risk' product(s): 2

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': Extremely High Risk

Impact

  • Remote Code Execution
  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Security Restriction Bypass
  • Spoofing

System / Technologies affected

  • Browser
  • Windows
  • Extended Security Updates (ESU)
  • Developer Tools
  • Azure
  • Microsoft Office
  • SQL Server
  • Microsoft Dynamics
  • Exchange Server

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

Related Tags

MicrosoftRemote Code ExecutionDenial of ServiceElevation of PrivilegeInformation DisclosureSecurity Restriction BypassSpoofingZero-dayExploit In The Wild

Share with

Previous

ChromeOS Multiple Vulnerabilities

10 Oct 2023 3498 Views

Next

Google Chrome Multiple Vulnerabilities

11 Oct 2023 3036 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY