Microsoft July 2023 Patch Tuesday

Microsoft has released its monthly batch of security updates, known as Patch Tuesday. This month's release addressed six actively exploited zero-day vulnerabilities.

Microsoft has fixed 132 vulnerabilities, 9 of which are classified as critical because they could allow an attacker to perform remote code execution on the affected products.

July’s Patch Tuesday fixes security flaws in products such as Windows Server 2016, Windows Server 2012 R2, Microsoft Office 2013, .NET 6.0, Microsoft Malware Protection Engine, Microsoft Outlook 2016 (64-bit edition), Microsoft Visual Studio 2022, Microsoft SharePoint Server 2019, and Windows Admin Center.

A sample of the actively exploited zero-day vulnerabilities fixed in July’s patch:

  • Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-32049): allows a remote attacker to bypass the display of the Open File – Security Warning prompt when files are downloaded and opened from the Internet.
  • Windows Error Reporting Service Elevation of Privilege Vulnerability (CVE-2023-36874): allows a local authenticated attacker to gain admin privileges by executing a specially crafted program.
  • Office and Windows HTML Remote Code Execution Vulnerability (CVE-2023-36884): allows remote code execution using specially crafted Microsoft Office documents. Note that this zero-day was not fixed in this patch; Microsoft has published mitigation steps for it.

A sample of the addressed vulnerabilities:

1. Microsoft Windows Routing and Remote Access Service (RRAS) Code Execution Vulnerability (CVE-2023-35365):

  • CVSS: 9.8
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Gain Privileges

2. Microsoft Windows Remote Desktop Security Bypass (CVE-2023-35352):

  • CVSS: 7.5
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Bypass Security

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Until Microsoft releases a fix for the unpatched zero-day vulnerability, the enterprise should follow Microsoft’s mitigations below:
