Today is Microsoft’s November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
While fourteen remote code execution (RCE) bugs were fixed, Microsoft only rated one as critical. The three critical flaws fixed today are an Azure information disclosure bug, an RCE in Windows Internet Connection Sharing (ICS), and a Hyper-V escape flaw that allows the execution of programs on the host with SYSTEM privileges.
The number of bugs in each vulnerability category is listed below:
16 Elevation of Privilege Vulnerabilities
6 Security Feature Bypass Vulnerabilities
15 Remote Code Execution Vulnerabilities
6 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
11 Spoofing Vulnerabilities
The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5032190 cumulative update and Windows 10 KB5032189 cumulative update.
Five zero-days fixed
This month’s Patch Tuesday fixes five zero-day vulnerabilities, with three exploited in attacks and three publicly disclosed.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The three actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited Windows Cloud Files Mini Filter Elevation of Privileges bug.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.
It is not known how the flaw was abused in attacks or by what threat actor.
The flaw was discovered internally by Microsoft Threat Intelligence and the Microsoft Security Response Center.
CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited and publicly disclosed Windows DWM Core Library vulnerability that can be used to elevate privileges to SYSTEM.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft.
Microsoft says that the flaw was discovered by Quan Jin (@jq0904) with DBAPPSecurity WeBin Lab but did not share details on how it was used in attacks.
CVE-2023-36025 – Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft has fixed an actively exploited Windows SmartScreen flaw that allows a malicious Internet Shortcut to bypass security checks and warnings.
“The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts,” explains Microsoft.
“The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be compromised by the attacker,” continues Microsoft.
Microsoft says that the flaw was discovered by Will Metcalf (Splunk), Microsoft Threat Intelligence, and the Microsoft Office Product Group Security Team.
BleepingComputer contacted Splunk about the flaw to learn how it was exploited.
In addition, Microsoft says that two other publicly disclosed zero-day bugs, ‘CVE-2023-36413 – Microsoft Office Security Feature Bypass Vulnerability’ and ‘CVE-2023-36038 – ASP.NET Core Denial of Service Vulnerability,’ were also fixed as part of today’s Patch Tuesday.
However, Microsoft says that they were not actively exploited in attacks.
Recent updates from other companies
Other vendors who released updates or advisories in November 2023 include:
The November 2023 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the November 2023 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
| --- | --- | --- | --- |
| .NET Framework | CVE-2023-36049 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Important |
| ASP.NET | CVE-2023-36560 | ASP.NET Security Feature Bypass Vulnerability | Important |
| ASP.NET | CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | Important |
| ASP.NET | CVE-2023-36558 | ASP.NET Core – Security Feature Bypass Vulnerability | Important |
| Azure | CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | Critical |
| Azure | CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | Important |
| Azure | CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | Important |
| Azure DevOps | CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability | Important |
| Mariner | CVE-2020-1747 | Unknown | Unknown |
| Mariner | CVE-2023-46316 | Unknown | Unknown |
| Mariner | CVE-2023-46753 | Unknown | Unknown |
| Mariner | CVE-2020-8554 | Unknown | Unknown |
| Mariner | CVE-2020-14343 | Unknown | Unknown |
| Microsoft Bluetooth Driver | CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36007 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics 365 Sales | CVE-2023-36030 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36014 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-5996 | Chromium: CVE-2023-5996 Use after free in WebAudio | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-36027 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36029 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2023-5480 | Chromium: CVE-2023-5480 Inappropriate implementation in Payments | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5856 | Chromium: CVE-2023-5856 Use after free in Side Panel | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5855 | Chromium: CVE-2023-5855 Use after free in Reading Mode | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5854 | Chromium: CVE-2023-5854 Use after free in Profiles | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5859 | Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5858 | Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5857 | Chromium: CVE-2023-5857 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5850 | Chromium: CVE-2023-5850 Incorrect security UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5849 | Chromium: CVE-2023-5849 Integer overflow in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5482 | Chromium: CVE-2023-5482 Insufficient data validation in USB | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5853 | Chromium: CVE-2023-5853 Incorrect security UI in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5852 | Chromium: CVE-2023-5852 Use after free in Printing | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-5851 | Chromium: CVE-2023-5851 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2023-36024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2023-36034 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
| Microsoft Exchange Server | CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Office | CVE-2023-36413 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office | CVE-2023-36045 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-36041 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-38177 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Remote Registry Service | CVE-2023-36423 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
| Microsoft Remote Registry Service | CVE-2023-36401 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-36402 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows Search Component | CVE-2023-36394 | Windows Search Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Speech | CVE-2023-36719 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | Important |
| Open Management Infrastructure | CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability | Important |
| Tablet Windows User Interface | CVE-2023-36393 | Windows User Interface Application Core Remote Code Execution Vulnerability | Important |
| Visual Studio | CVE-2023-36042 | Visual Studio Denial of Service Vulnerability | Important |
| Visual Studio Code | CVE-2023-36018 | Visual Studio Code Jupyter Extension Spoofing Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36047 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36428 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Important |
| Windows Authentication Methods | CVE-2023-36046 | Windows Authentication Denial of Service Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2023-36424 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Compressed Folder | CVE-2023-36396 | Windows Compressed Folder Remote Code Execution Vulnerability | Important |
| Windows Defender | CVE-2023-36422 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important |
| Windows Deployment Services | CVE-2023-36395 | Windows Deployment Services Denial of Service Vulnerability | Important |
| Windows DHCP Server | CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows Distributed File System (DFS) | CVE-2023-36425 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Important |
| Windows DWM Core Library | CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows HMAC Key Derivation | CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | Critical |
| Windows Hyper-V | CVE-2023-36427 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36407 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36406 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| Windows Hyper-V | CVE-2023-36408 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2023-36705 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Internet Connection Sharing (ICS) | CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| Windows Kernel | CVE-2023-36405 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2023-36404 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2023-36403 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2023-36398 | Windows NTFS Information Disclosure Vulnerability | Important |
| Windows Protected EAP (PEAP) | CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Important |
| Windows Scripting | CVE-2023-36017 | Windows Scripting Engine Memory Corruption Vulnerability | Important |
| Windows SmartScreen | CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability | Important |
| Windows Storage | CVE-2023-36399 | Windows Storage Elevation of Privilege Vulnerability | Important |