Adrian Borlea
Sicherheitswarnung
Schwachstellenanalyse
In diesem Artikel:

Microsoft released its monthly security updates on October 10, 2023. The updates fixed three zero-day vulnerabilities that were known to be exploited in the wild. Of the 104 CVEs addressed, 12 are rated as Critical while almost half of them are related to remote code execution risks.


Werfen wir einen genaueren Blick auf die interessantesten Aktualisierungen in diesem Monat.


Bemerkenswerte kritische Microsoft-Sicherheitslücken


⭕ Critical | Layer 2 Tunneling Protocol Remote Code Execution Vulnerabilities

⭕ Critical | Microsoft Message Queuing Remote Code Execution Vulnerabilities

  • CVE-2023-35349,CVE-2023-36697 are Remote Code Execution (RCE) vulnerabilities targeting the Message Queuing (MSMQ) protocol developed by Microsoft to ensure reliable communication between computers across different networks. Successful exploitation of the vulnerability may allow an attacker to perform remote code execution on the target server.


October's Patch Tuesday Addressing Zero-day Flaws


HTTP/2 ‘Reset Flood’ Denial of Service

  • CVE-2023-44487 is an HTTP/2 vulnerability that could allow an unauthenticated attacker to initiate a denial of service attack against HTTP/2 servers. This issue has been actively exploited in August 2023 in a series of DDoS attacks reported by Cloudflare. However, this is not strictly related to Microsoft products, but patches were released for Windows servers. Microsoft has also given a workaround to mitigate the vulnerability.


Microsoft WordPad Information Disclosure Vulnerability

  • CVE-2023-36563 is an information disclosure vulnerability in WordPad that could allow remote code execution and disclosure of NTLM password hashes. An attacker must log on to the system and run a specially crafted application to exploit the vulnerability. An attacker must also convince a user to click a malicious link and open the specially crafted file. This is the third WordPad vulnerability exploited in 2023 for NTLM hash theft.
CISA has added the vulnerability to its Known Exploited Vulnerabilities Catalog and requested users to patch it before October 31, 2023.


Skype for Business Elevation of Privilege Vulnerability

CVE-2023-41763 is an Elevation of Privilege vulnerability identified in Skype for Business servers. Microsoft has fixed this vulnerability which has been actively exploited. An attacker could exploit this vulnerability by sending a specially crafted network call to the target server. Successful exploitation may allow an attacker to parse an HTTP request to an arbitrary address that may disclose IP addresses, ports and other sensitive info to the attacker.

Active Directory Domain Services Information Disclosure Vulnerability

CVE-2023-36722

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

CVE-2023-41766

MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack

CVE-2023-44487

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-36594

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-38159

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-38171

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-36435

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-36577

Windows Media Foundation Core Remote Code Execution Vulnerability

CVE-2023-36710

Windows Search Security Feature Bypass Vulnerability

CVE-2023-36564

Microsoft WordPad Information Disclosure Vulnerability

CVE-2023-36563

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability

CVE-2023-36598

Active Template Library Denial of Service Vulnerability

CVE-2023-36585

Microsoft AllJoyn API Denial of Service Vulnerability

CVE-2023-36709

Windows Runtime Remote Code Execution Vulnerability

CVE-2023-36902

Windows Common Log File System Driver Information Disclosure Vulnerability

CVE-2023-36713

Windows Container Manager Service Elevation of Privilege Vulnerability

CVE-2023-36723

Windows Deployment Services Denial of Service Vulnerability

CVE-2023-36707

Windows Deployment Services Information Disclosure Vulnerability

CVE-2023-36567

Windows Deployment Services Information Disclosure Vulnerability

CVE-2023-36706

DHCP Server Service Denial of Service Vulnerability

CVE-2023-36703

Windows Error Reporting Service Elevation of Privilege Vulnerability

CVE-2023-36721

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2023-36436

PrintHTML API Remote Code Execution Vulnerability

CVE-2023-36557

Windows IIS Server Elevation of Privilege Vulnerability

CVE-2023-36434

Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability

CVE-2023-36726

Windows Kernel Information Disclosure Vulnerability

CVE-2023-36576

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-36712

Windows Kernel Security Feature Bypass Vulnerability

CVE-2023-36698

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41770

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41765

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41767

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-38166

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41774

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41773

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41771

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41769

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41768

Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2023-36584

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36571

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36570

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-36431

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-35349

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36591

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36590

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36589

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36583

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36592

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36697

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-36606

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36593

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36582

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36574

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36575

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36573

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36572

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-36581

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-36579

Microsoft Message Queuing Remote Code Execution Vulnerability

CVE-2023-36578

Microsoft DirectMusic Remote Code Execution Vulnerability

CVE-2023-36702

Windows Mixed Reality Developer Tools Denial of Service Vulnerability

CVE-2023-36720

Named Pipe File System Elevation of Privilege Vulnerability

CVE-2023-36729

Windows Named Pipe Filesystem Elevation of Privilege Vulnerability

CVE-2023-36605

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-36725

Windows Power Management Service Information Disclosure Vulnerability

CVE-2023-36724

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability

CVE-2023-36790

Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability

CVE-2023-29348

Remote Procedure Call Information Disclosure Vulnerability

CVE-2023-36596

Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVE-2023-36701

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2023-36711

Windows Setup Files Cleanup Remote Code Execution Vulnerability

CVE-2023-36704

Windows TCP/IP Information Disclosure Vulnerability

CVE-2023-36438

Windows TCP/IP Denial of Service Vulnerability

CVE-2023-36603

Windows TCP/IP Denial of Service Vulnerability

CVE-2023-36602

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

CVE-2023-36717

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability

CVE-2023-36718

Win32k Elevation of Privilege Vulnerability

CVE-2023-36731

Win32k Elevation of Privilege Vulnerability

CVE-2023-36732

Win32k Elevation of Privilege Vulnerability

CVE-2023-36776

Win32k Elevation of Privilege Vulnerability

CVE-2023-36743

Win32k Elevation of Privilege Vulnerability

CVE-2023-41772

Runecast covers all 81 of the vulnerabilities that affect Windows operating systems, all mentioned below:

Runecast protects you against all of these vulnerabilities

At Runecast we ensure that all OS vulnerabilities are covered, so you can focus on mitigating threats and ensuring your system is running safe and secure. We keep you updated about the latest vulnerabilities, exploits and security compliance research and pride ourselves on responding quickly and decisively to key news in the IT Security and Operations spaces.

Runecast is an AI-powered platform that gives you complete visibility and proactive control over potential vulnerabilities in your environment. It provides best practices, risk-based vulnerability management, and security and continuous compliance audits to ensure that every aspect of your environment is protected.

Additionally, Runecast provides explicit instructions and generates custom remediation scripts, to help IT teams maintain continuous compliance within the environment. The Runecast platform can be deployed to AWS, Azure, Kubernetes, and VMware environments and can operate entirely on-premises or via our new SaaS offering.

Treffen Sie hier andere Runecaster:

Sichere und konforme Workloads überall ausführen

Let Runecast detect and assess risks, so you can be fully compliant in minutes.

Unverbindlich Testen