Adrian Borlea
Security Alert
In this article:

Microsoft released its monthly security updates on September 12, 2023. The updates fixed two zero-day vulnerabilities that were known to be exploited in the wild. Five of the 66 vulnerabilities patched were rated as critical and 58 as important. September’s Patch Tuesday includes several important updates for vulnerabilities in Microsoft Office and components, Microsoft Azure Kubernetes Service, Microsoft Dynamics, Microsoft Visual Studio and others.

Let’s take a closer look at the most interesting updates for this month. 

⭕ Notable Critical Microsoft Vulnerabilities


 ⭕ Critical |Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

  • CVE-2023-38148 is a critical vulnerability affecting Internet Connection Sharing (ICS) which is a feature in Windows that allows a computer with an active internet connection to distribute its connectivity to other devices within a local area network (LAN). Fortunately this only applies to devices where this functionality is enabled. If it is enabled, an attacker could end up executing code by sending a specially crafted network pack to the ICS Service. Attacks can be conducted only to systems connected to the same network segment, the attacks cannot be performed across multiple networks.

⭕ Critical | Visual Studio Remote Code Execution Vulnerability

  • CVE-2023-36792, CVE-2023-36793, CVE-2023-36796 are Remote Code Execution (RCE) vulnerabilities having the highest CVSS score for this month’s Patch Tuesday. To exploit this vulnerability an attacker would need to persuade an user to initiate a malicious crafted package file in Visual Studio.  

⭕ Critical | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

  • CVE-2023-29332 impacts Azure Kubernetes Service (AKS) which can be targeted from distance through a straightforward method without the attacker needing any specific privileges. If exploited successfully this would grant the attacker Cluster Administrator privileges.


September's Patch Tuesday Addressing Zero-day Flaws

Microsoft Word Information Disclosure Vulnerability

  • CVE-2023-36761 – Microsoft rolled out OS patches to tackle the vulnerability that can be used to steal NTLM hashes when opening a document, even when it’s opened in the preview pane. NTLM hashes can be cracked or used in NTLM relay attacks to gain access to the account. 

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

  • CVE-2023-36802 – This vulnerability affects the Microsoft Streaming Service Proxy which is related to Microsoft Stream, a video service that uses the power of intelligent enterprise video to enable knowledge sharing, easier communication, and connectivity in a secure enterprise environment. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. 

CISA has also added these two zero-days vulnerabilities to its Known Exploited Vulnerabilities Catalog, requesting users to patch them before October 3, 2023.

Run Secure and Compliant Workloads Anywhere

Let Runecast detect and assess risks, so you can be fully compliant in minutes.

Get Free Trial
Important | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
CVE-2023-36802
Important | Windows Miracast Wireless Display Remote Code Execution Vulnerability
CVE-2023-38147
Important | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-35355
Important | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-38143
Important | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-38144
Important | DHCP Server Service Information Disclosure Vulnerability
CVE-2023-38152
Important | DHCP Server Service Denial of Service Vulnerability
CVE-2023-38162
Important | DHCP Server Service Information Disclosure Vulnerability
CVE-2023-36801
Important | Windows GDI Elevation of Privilege Vulnerability
CVE-2023-36804
Important | Windows GDI Elevation of Privilege Vulnerability
CVE-2023-38161
⭕ Critical | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
CVE-2023-38148
Important | Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38141
Important | Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38142
Important | Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38139
Important | Windows Kernel Information Disclosure Vulnerability
CVE-2023-38140
Important | Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38150
Important | Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36803
Important | Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2023-36805
Important | Windows TCP/IP Information Disclosure Vulnerability
CVE-2023-38160
Important | Windows TCP/IP Denial of Service Vulnerability
CVE-2023-38149
Important | Windows Themes Remote Code Execution Vulnerability
CVE-2023-38146

Runecast Analyzer covers all 21 vulnerabilities, mentioned above, that affect Windows operating systems.

Runecast protects you against all of these vulnerabilities

At Runecast we ensure that all OS vulnerabilities are covered, so you can focus on mitigating threats and ensuring your system is running safe and secure. We keep you updated about the latest vulnerabilities, exploits and security compliance research and pride ourselves on responding quickly and decisively to key news in the IT Security and Operations spaces.

Runecast is an AI-powered platform that gives you complete visibility and proactive control over potential vulnerabilities in your environment. It provides best practices, risk-based vulnerability management, and security and continuous compliance audits to ensure that every aspect of your environment is protected. Additionally, Runecast provides explicit instructions and generates custom remediation scripts, to help IT teams maintain continuous compliance within the environment. The Runecast platform can be deployed to AWS, Azure, Kubernetes, and VMware environments and can operate entirely on-premises or via our new SaaS offering.

Meet other Runecasters here:

Run Secure and Compliant Workloads Anywhere

Let Runecast detect and assess risks, so you can be fully compliant in minutes.

Get Free Trial