Service Notices

All Notices > Security Notices > Microsoft Releases September 2023 Security Updates

Microsoft Releases September 2023 Security Updates

Sep 14, 2023 GMT+08:00

I. Overview

Microsoft has released its September 2023 security updates. A total of 59 security vulnerabilities have been disclosed, among which 5 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to implement remote code execution, privilege escalation, and security feature bypass. The affected applications include Microsoft Windows, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio.

For details, visit the Microsoft official website:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Sep

The following vulnerabilities have been exploited by attackers:

Microsoft Word Information Disclosure Vulnerability (CVE-2023-36761): 0-day vulnerability. A remote attacker would lure a user into opening a specially crafted file to trigger the vulnerability. Successful exploitation of this vulnerability can cause the disclosure of NTLM hashes. This vulnerability has been exploited in the wild, and the risk is high.

Microsoft streaming processing proxy privilege escalation vulnerability (CVE-2023-36802): 0-day vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability has been exploited in the wild, and the risk is high.

12 vulnerabilities (such as CVE-2023-38148, CVE-2023-36744, and CVE-2023-36756) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Microsoft Windows, Microsoft Office, Microsoft Exchange Server, Microsoft Visual Studio

IV. Vulnerability Details

CVE ID

Vulnerability

Severity

Description

CVE-2023-36796
CVE-2023-36793
CVE-2023-36792

Visual Studio Remote Code Execution Vulnerability

Important

A remote attacker triggers the vulnerability by inducing users to open maliciously created package files in Visual Studio. Successful exploitation of this vulnerability can cause remote code execution on the target host.

CVE-2023-29332

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Important

An attacker who successfully exploited this vulnerability could gain cluster administrator privileges.

CVE-2023-38148

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Important

An unauthorized attacker could exploit this vulnerability by sending a specially crafted network packet to the Internet Connection Sharing (ICS) Service. Successful exploitation of the vulnerability can cause arbitrary code execution on the target system.

(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.