Skip to main content

Microsoft Monthly Security Update (October 2023)

Release Date: 11 Oct 2023 4260 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserLow Risk Low Risk  
WindowsExtremely High Risk Extremely High RiskRemote Code Execution
Denial of Service
Elevation of Privilege
Information Disclosure
Security Restriction Bypass

CVE-2023-36563 is being exploited in the wild.

 

CVE-2023-44487 is being exploited in the wild. 

Extended Security Updates (ESU)Medium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure
Denial of Service
Security Restriction Bypass

CVE-2023-36563 is being exploited in the wild. 

Developer ToolsExtremely High Risk Extremely High RiskDenial of Service
Elevation of Privilege

CVE-2023-44487 is being exploited in the wild. 

AzureMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
 
Microsoft OfficeHigh Risk High RiskElevation of Privilege
Remote Code Execution

CVE-2023-41763 is being exploited in the wild.

SQL ServerMedium Risk Medium RiskRemote Code Execution
Denial of Service
 
Microsoft DynamicsMedium Risk Medium RiskInformation Disclosure
Denial of Service
Spoofing
 
Exchange ServerMedium Risk Medium RiskRemote Code Execution 

 

Number of 'Extremely High Risk' product(s): 2

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': Extremely High Risk


Impact

  • Remote Code Execution
  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Security Restriction Bypass
  • Spoofing

System / Technologies affected

  • Browser
  • Windows
  • Extended Security Updates (ESU)
  • Developer Tools
  • Azure
  • Microsoft Office
  • SQL Server
  • Microsoft Dynamics
  • Exchange Server

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier


Source


Related Link