Microsoft Releases September 2023 Security Updates

Summary

Scheduled updates for Microsoft products, including security updates for 2 zero-day vulnerabilities


Affected platforms

The following platforms are known to be affected:

The following platforms are also known to be affected:

  • Microsoft Azure Kubernetes Service
  • Azure DevOps
  • Windows Cloud Files Mini Filter Driver
  • Microsoft Identity Linux Broker
  • 3D Viewer
  • Visual Studio Code
  • Microsoft Exchange Server
  • Visual Studio
  • Microsoft Office Word
  • Microsoft Office SharePoint
  • 3D Builder
  • .NET Framework
  • .NET and Visual Studio
  • .NET Core & Visual Studio
  • Microsoft Dynamics Finance & Operations
  • Windows DHCP Server
  • Microsoft Streaming Service
  • Windows Kernel
  • Windows GDI
  • Windows Scripting
  • Microsoft Dynamics
  • Windows Common Log File System Driver
  • Windows Themes
  • Microsoft Windows Codecs Library
  • Windows Internet Connection Sharing (ICS)
  • Windows TCP/IP
  • Windows Defender
  • Microsoft Office

Threat details

Introduction

Microsoft has released security updates to address 59 vulnerabilities, including 2 zero-day vulnerabilities. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Exploitation of CVE-2023-36802 and CVE-2023-36761

CVE-2023-36802 is a privilege escalation vulnerability in the Microsoft Streaming Service Proxy and is being exploited in the wild. Exploitation of this vulnerability could allow a local attacker to gain SYSTEM-level privileges.

CVE-2023-36761 is an information disclosure vulnerability in Microsoft Word and is being exploited. A public proof-of-concept is available, and the preview pane is considered an attack vector. Exploitation of this vulnerability could allow a local attacker to obtain New Technology LAN Manager (NTLM) hashes.


Remediation advice

Affected organisations are encouraged to review Microsoft’s September 2023 Security Update Summary and Deployment Information and apply the relevant updates.



Last edited: 13 September 2023 1:38 pm