WARNING: MICROSOFT PATCH TUESDAY DECEMBER 2023 PATCHES 34 VULNERABILITIES (4 CRITICAL, 30 IMPORTANT), PATCH IMMEDIATELY!
Microsoft patched 34 vulnerabilities in its December 2023 Patch Tuesday release, 4 rated as critical, 30 rated important.
- 8 Remote Code Execution Vulnerabilities
- 10 Elevation of Privilege Vulnerabilities
- 5 Spoofing Vulnerabilities
- 6 Information Disclosure Vulnerabilities
- 5 Denial of Service Vulnerabilities
Sources
https://msrc.microsoft.com/update-guide/releaseNote/2023-Dec
Risks
Microsoft's December Patch Tuesday includes four critical and thirty important vulnerabilities for a wide range of Microsoft products, Affecting Microsoft Server, and Workstations.
Microsoft’s Patch Tuesday included a security update addressing the CVE-2023-20588 zero-day vulnerability affecting certain AMD processors.
Description
Microsoft has released multiple patches for vulnerabilities covering a range of their products. These monthly releases are called "Patch Tuesday” and hold security fixes for Microsoft devices and software. This month's release covers thirty-four Microsoft vulnerabilities. Four vulnerabilities are marked as critical and thirty as important.
CVE-2023-35628 is a critical remote code execution vulnerability in the Windows MSHTML platform, with a CVSSv3.1 score of 8.1. A remote attacker can exploit CVE-2023-35628 by sending a weaponized email; Microsoft Outlook will process this email automatically, and it does not require user interaction.
CVE-2023-36019 is a critical spoofing vulnerability in the Microsoft Power Platform Connector, with a CVSSv3.1 score of 9.6. A remote attacker can exploit CVE-2023-36019 to direct a victim to a malicious link or application. While the vulnerability resides in the web server, the victim’s browser will execute malicious scripts.
CVE-2023-20588, a non-Microsoft CVE as part of December 2023 Patch Tuesday, involves a division-by-zero error on select AMD processors. CVE-2023-20588 received a medium CVSSv3.1 score of 5.5, with AMD assessing its potential impact as low, given that local access is required for exploitation. Successful exploitation of CVE-2023-20588 could potentially reveal speculative data, leading to a loss of confidentiality.
Recommended Actions
Patch
The Centre for Cyber Security Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
References
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-20588