{"id":32561,"date":"2023-12-13T00:10:38","date_gmt":"2023-12-12T23:10:38","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=32561"},"modified":"2023-12-14T08:14:47","modified_gmt":"2023-12-14T07:14:47","slug":"microsoft-security-update-summary-december-12-2023","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2023\/12\/13\/microsoft-security-update-summary-december-12-2023\/","title":{"rendered":"Microsoft Security Update Summary (December 12, 2023)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Update-01.jpg\" alt=\"Update\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2023\/12\/12\/microsoft-security-update-summary-12-dezember-2023\/\" target=\"_blank\" rel=\"noopener\">German<\/a>] On December 12, 2023, Microsoft released security updates for Windows clients and servers, for Office &#8211; and for other products. The security updates eliminate 33 vulnerabilities (CVEs), four of which are critical vulnerabilities. Below is a compact overview of these updates that were released on Patchday.<br \/>\n<!--more--><\/p>\n<h2>Notes on the updates<\/h2>\n<p>A list of the updates can be found on <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-us\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>. Details on the update packages for Windows, Office etc. are available in separate blog posts.<\/p>\n<h3>Windows 10\/11, Windows Server<\/h3>\n<p>All Windows 10\/11 updates (as well as the updates of the server counterparts) are cumulative. The monthly patchday update contains all security fixes for these Windows versions &#8211; as well as all non-security fixes up to the patchday. 
In addition to the security patches for the vulnerabilities, the updates also contain bug fixes or new features.<\/p>\n<h3>Windows 7 SP1\/Windows Server 2012 R2<\/h3>\n<p>Windows 7 SP1 has not been supported since January 2020. Only customers with an ESU license for the 4th year (or workarounds) will still receive updates. Updates can also be downloaded from the <a href=\"https:\/\/www.catalog.update.microsoft.com\/Home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>. Windows Server 2012\/R2 received regular security updates until October 2023. From that point onwards, an ESU license is also required to obtain further security updates (see <a href=\"https:\/\/borncity.com\/win\/2023\/11\/11\/windows-server-2012-r2-gets-extended-security-updates-esu-until-october-2026\/\">Windows Server 2012\/R2 gets Extended Security Updates (ESU) until October 2026<\/a>).<\/p>\n<h2>Fixed vulnerabilities<\/h2>\n<p>Tenable has published <a href=\"https:\/\/www.tenable.com\/blog\/microsofts-december-2023-patch-tuesday-addresses-33-cves-cve-2023-36019\" target=\"_blank\" rel=\"noopener\">this blog post<\/a> with an overview of the vulnerabilities that have been fixed. Here are some of the critical vulnerabilities that have been fixed:<\/p>\n<ul>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36019\" target=\"_blank\" rel=\"noopener\">CVE-2023-36019<\/a><\/u>: Microsoft Power Platform Connector Spoofing Vulnerability, CVSSv3 Score 9.6, critical; The vulnerability is classified as \"Exploitation Less Likely\" according to Microsoft's Exploitability Index. This vulnerability relates to custom connectors, in particular URI redirection per connector. According to Microsoft, an attacker can exploit this vulnerability to spoof a legitimate link or file and redirect a victim to a malicious link or application. 
This vulnerability has been mitigated since November 17, as Microsoft requires that all new custom connectors that use OAuth 2.0 authentication are automatically assigned a per-connector redirect URI. However, existing connectors must be updated before February 17, 2024 to use per-connector redirect URIs.<\/li>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-35641\" target=\"_blank\" rel=\"noopener\">CVE-2023-35641<\/a><\/u> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-35630\" target=\"_blank\" rel=\"noopener\">CVE-2023-35630<\/a>: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability, CVSSv3 Score 8.8, critical; These are RCE vulnerabilities that affect the Internet Connection Sharing Service in Windows, a service that allows a device connected to the Internet to share its connection with other devices on a local network. Exploitation of CVE-2023-35641, which has been rated \"Exploitation More Likely\" by Microsoft, can be accomplished by sending a specially crafted DHCP message to a server running the ICS service. To exploit the vulnerability CVE-2023-35630, which has been classified as \"Less Likely\" by Microsoft, an attacker must change the length field in a DHCPv6 message. Both vulnerabilities are attributed to researchers at Kunlun Lab and an anonymous researcher.<\/li>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36696\" target=\"_blank\" rel=\"noopener\">CVE-2023-36696<\/a><\/u>: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability, CVSSv3 Score 7.8, important; It is an EoP vulnerability in the Microsoft Windows Cloud Files Mini Filter Driver (cldflt.sys). It has been rated as \"Exploit Likely\". 
An attacker could exploit this vulnerability as part of post-compromise activity to elevate privileges to SYSTEM.<\/li>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-35628\" target=\"_blank\" rel=\"noopener\">CVE-2023-35628<\/a><\/u>: Windows MSHTML Platform Remote Code Execution Vulnerability, CVSSv3 Score 8.1, critical; It is an RCE vulnerability that affects the Windows MSHTML platform. The vulnerability has been classified as \"Exploitation More Likely\". According to Microsoft, an attacker can exploit this vulnerability by sending a specially crafted email that is automatically processed when it is retrieved by Microsoft Outlook. Exploitation occurs before the email is displayed in the preview pane. Although this is a critical vulnerability, Microsoft notes that the attacker must use \"complex memory reshaping techniques\" for successful exploitation, which could limit successful exploitation of this vulnerability to very skilled attackers.<\/li>\n<\/ul>\n<p>A list of all covered CVEs can be found on <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>; excerpts are available at <a href=\"https:\/\/www.tenable.com\/blog\/microsofts-december-2023-patch-tuesday-addresses-33-cves-cve-2023-36019\" target=\"_blank\" rel=\"noopener\">Tenable<\/a>. 
Below is the list of patched products:<\/p>\n<ul>\n<li>Azure Connected Machine Agent<\/li>\n<li>Azure Machine Learning<\/li>\n<li>Microsoft Bluetooth Driver<\/li>\n<li>Microsoft Dynamics<\/li>\n<li>Microsoft Office Outlook<\/li>\n<li>Microsoft Office Word<\/li>\n<li>Microsoft Power Platform Connector<\/li>\n<li>Microsoft WDAC OLE DB provider for SQL<\/li>\n<li>Microsoft Windows DNS<\/li>\n<li>Windows Cloud Files Mini Filter Driver<\/li>\n<li>Windows Defender<\/li>\n<li>Windows DHCP Server<\/li>\n<li>Windows DPAPI (Data Protection Application Programming Interface)<\/li>\n<li>Windows Internet Connection Sharing (ICS)<\/li>\n<li>Windows Kernel<\/li>\n<li>Windows Kernel-Mode Drivers<\/li>\n<li>Windows Local Security Authority Subsystem Service (LSASS)<\/li>\n<li>Windows Media<\/li>\n<li>Windows MSHTML Platform<\/li>\n<li>Windows ODBC Driver<\/li>\n<li>Windows Telephony Server<\/li>\n<li>Windows USB Mass Storage Class Driver<\/li>\n<li>Windows Win32K<\/li>\n<li>XAML Diagnostics<\/li>\n<\/ul>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2023\/12\/13\/microsoft-security-update-summary-december-12-2023\/\" target=\"_blank\" rel=\"noopener\">Microsoft Security Update Summary (December 12, 2023)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2023\/12\/13\/patchday-windows-10-updates-december-12-2023\/\">Patchday: Windows 10 updates (December 12, 2023)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2023\/12\/13\/patchday-windows-11-server-2022-updates-december-12-2023\/\">Patchday: Windows 11\/Server 2022 updates (December 12, 2023)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2023\/12\/13\/windows-7-server-2008-r2-server-2012-r2-updates-december-12-2023\/\">Windows 7\/Server 2008 R2; Server 2012 R2: Updates (December 12, 2023)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2023\/12\/14\/microsoft-office-updates-december-12-2023\/\" target=\"_blank\" rel=\"noopener\">Microsoft Office updates (December 12, 
2023)<\/a><\/p>\n<p><a href=\"https:\/\/borncity.com\/win\/2023\/12\/01\/windows-10-22h2-preview-update-kb5032278-november-30-2023\/\">Windows 10 22H2 Preview Update KB5032278 (November 30, 2023)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2023\/12\/05\/windows-11-23h2-22h2-preview-update-kb5032288-december-04-2023\/\">Windows 11 23H2\/22H2: Preview Update KB5032288 (December 04, 2023)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On December 12, 2023, Microsoft released security updates for Windows clients and servers, for Office &#8211; and for other products. The security updates eliminate 33 vulnerabilities (CVEs), four of which are critical vulnerabilities. Below is a compact overview of these &hellip; <a href=\"https:\/\/borncity.com\/win\/2023\/12\/13\/microsoft-security-update-summary-december-12-2023\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,580,1547,22,2],"tags":[125,2838,69,1544,195,194],"class_list":["post-32561","post","type-post","status-publish","format-standard","hentry","category-office","category-security","category-software","category-update","category-windows","tag-office","tag-patchday-12-2023","tag-security","tag-software","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/32561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=32561"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\
/posts\/32561\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=32561"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=32561"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=32561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}