Important Vulnerabilities in Microsoft’s
July 2023 Security Update
Background /
What has happened?
The Australian
Cyber Security Centre (ACSC) has reviewed the Microsoft July 2023 Security
Update.
The Security
Update provided patches for 132 vulnerabilities.
6
vulnerabilities are believed to have been exploited.
9
vulnerabilities are rated ‘Critical’.
The following
vulnerabilities are important based on their severity, widespread use of the
related product and/or likelihood of exploitation.
Office and Windows
HTML RCE unpatched 0-day (CVE-2023-36884)
A Critical rated
vulnerability which allows Arbitrary Code Execution in situations where victims
are convinced to open a malicious file.
The malicious
file may be of a type that the user likely considers safe, such as a word
document with no macros.
This is an
actively exploited 0-day vulnerability.
Microsoft has
not yet provided a patch, and all affected users are encouraged to apply
mitigations.
Mitigations are
found in the Microsoft Guidance page: (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884).
System
administrators should keep an eye out for a patch for this in future Microsoft
monthly releases.
Windows Remote
Desktop Authentication Bypass (CVE-2023-35352)
A Critical rated
vulnerability which allows attackers to bypass certain authentication
configurations.
Bypass
certificate or private key authentication when establishing a remote desktop
protocol session.
RDP is widely
used amongst organizations for remote workers, and internal systems.
Windows Message
Queuing RCE (CVE-2023-32057)
A Critical rated
vulnerability which allows attackers Remote Code Execution.
MSMQ is not
enabled by default. A user can check if MSMQ is running by looking for a
service called ‘Message Queuing’.
A user can also
check if TCP Port 1801 is listening on the machine.
Mitigation / How
do I stay secure?
Technical
subject matter experts that use Microsoft products should read the associated
security update guides available for their products.
General users
should consider enabling automatic patching of Microsoft products if they have
not already done so. Advice is available on the Protect Yourself: Updates page.
About Company
At Jypra Group,
we offer comprehensive, 365/24/7 cybersecurity and managed IT services tailored
to protect your business from evolving threats. Our suite of services includes
advanced endpoint security monitoring, malware and ransomware protection, threat
detection and response, and business email compromise protection. We also
provide proactive measures such as vulnerability assessments, mobile and
network security, penetration testing, and data loss prevention to ensure a
secure and resilient IT environment for your business.
Click Here For
More Info:- https://jypragroup.com.au/
Social Media
Profile Links:-
https://www.instagram.com/jypragroup
The Wall