Microsoft's Security Response Center has released critical updates for multiple vulnerabilities. Organizations must apply these patches immediately to prevent exploitation.
The Microsoft Security Response Center (MSRC) has released critical security updates addressing multiple vulnerabilities affecting Microsoft products. This month's Patch Tuesday includes fixes for issues that could allow remote code execution, privilege escalation, and information disclosure.
Critical Vulnerabilities Addressed:
Windows 10 and 11 (Versions 21H2, 22H2, 23H2)
- CVE-2023-23397: Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVSS Score: 7.8 (High)
- Allows attackers to gain elevated privileges
- CVE-2023-28252: Windows Graphics Component Remote Code Execution Vulnerability
- CVSS Score: 8.8 (High)
- Could allow remote code execution
Microsoft Office and 365
- CVE-2023-21715: Microsoft Office Remote Code Execution Vulnerability
- CVSS Score: 8.1 (High)
- Exploitable through malicious Office documents
- CVE-2023-36874: SharePoint Server Information Disclosure Vulnerability
- CVSS Score: 5.3 (Medium)
- Could expose sensitive information
Microsoft Edge (Chromium-based)
- CVE-2023-3656: Chromium-based Edge Remote Code Execution Vulnerability
- CVSS Score: 8.8 (High)
- Exploitable through malicious websites
MSRC Response Process: The Microsoft Security Response Center follows a coordinated vulnerability disclosure process. When vulnerabilities are reported, MSRC works with researchers to develop patches before public disclosure. This month's patches address vulnerabilities reported through Microsoft's Bug Bounty Program and coordinated disclosure channels.
Deployment Recommendations: Organizations should follow these steps to ensure proper patch deployment:
- Assess vulnerability impact on your environment
- Test patches in a non-production environment
- Schedule deployment during maintenance windows
- Monitor deployment status and success
- Verify patches were successfully applied
- Document all patch activities
The patches are available through multiple channels:
- Windows Update
- Microsoft Update Catalog
- Windows Server Update Services (WSUS)
- Microsoft Endpoint Configuration Manager
Timeline:
- Release Date: October 10, 2023
- Next Security Update: November 14, 2023
- Exploitation Status: Limited active exploitation observed
For detailed information on each vulnerability, refer to the Microsoft Security Guide and the MSRC Blog.
The Microsoft Security Response Center provides additional resources for incident response. Organizations with legacy systems should contact Microsoft Support for extended support options.
Failure to apply these updates promptly may result in system compromise, data theft, and ransomware deployment. Attackers are actively scanning for unpatched systems.
Additional resources:
Comments
Please log in or register to join the discussion