Microsoft Patch Tuesday september 2023
This month’s Patch Tuesday fixes a total of 59 vulnerabilities, with 24 of those being for Remote Code Execution. 5 vulnerabilities are rated as Critical by Microsoft.
2 of vulnerabilities is associated with a zero day this month:
Fixes for multiple products were released as usual. The most important patches are:
CVE-2023-38148: Microsoft has confirmed that this is the most likely vulnerability to be exploited. This exploit can only be used if the Internet Connection Sharing (ICS) is enabled on the endpoint. The attack is limited to systems connected to the same network segment.
The main list of patches breaks down as follows:
- 24 Remote Code Execution vulnerabilities
- 3 Security Feature Bypass Vulnerabilities
- 9 Information Disclosure vulnerabilities
- 5 Spoofing vulnerability
- 3 Denial of Service vulnerabilities
- 3 Security Feature Bypass vulnerabilities
- 5 Edge – Chromium Vulnerabilities