...
Подоспел июльский набор патчей, которые устраняют в общей сложности 132 уязвимости. Среди них шесть активно эксплуатируются в реальных кибератаках, а 37 приводят к удалённому выполнению кода в системе.
Девять RCE-брешей получили статус критических, а самое скверное, что одна осталось незакрыта, хотя её вовсю используют злоумышленники. По категориям уязвимости распределились следующим образом:
- 33 приводят к повышению прав.
- 13 — обход защитных средств.
- 37 — удалённое выполнение кода.
- 19 — раскрытие информации.
- 22 — DoS.
- 7 — спуфинг.
Что касается шести уязвимостей нулевого дня (0-day), они получили следующие идентификаторы:
- CVE-2023-32046 — брешь, приводящая к повышению прав. Найдена в платформе Windows MSHTML. Эксплуатация происходит с помощью специально созданного файла, доставляемого по почте или через вредоносные сайты.
- CVE-2023-32049 — обход защитной функции Windows SmartScreen. Атакующие могут запретить вывод предупреждений при скачивании и открытии файлов.
- CVE-2023-36874 — возможность повышения прав в службе Windows, отвечающей за отправку информации об ошибках. Позволяет получить привилегии администратора.
- CVE-2023-36884 — удалённое выполнение кода в Office и Windows HTML. Эксплуатация происходит через специально подготовленный документ Microsoft Office.
- ADV230001 — проблема злонамеренного использования подписанных Microsoft драйверов.
- CVE-2023-35311 — ещё один баг обхода защитных функций. На этот раз в Microsoft Outlook.
Общий список пропатченных уязвимостей выглядит так:
| Затронутый компонент | Идентификатор CVE | Наименование CVE | Степень риска |
| .NET and Visual Studio | CVE-2023-33127 | .NET and Visual Studio Elevation of Privilege Vulnerability | Важная |
| ASP.NET and Visual Studio | CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability | Важная |
| Azure Active Directory | CVE-2023-36871 | Azure Active Directory Security Feature Bypass Vulnerability | Важная |
| Azure Active Directory | CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability | Важная |
| Microsoft Dynamics | CVE-2023-33171 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Важная |
| Microsoft Dynamics | CVE-2023-35335 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Важная |
| Microsoft Graphics Component | CVE-2023-33149 | Microsoft Office Graphics Remote Code Execution Vulnerability | Важная |
| Microsoft Graphics Component | CVE-2023-21756 | Windows Win32k Elevation of Privilege Vulnerability | Важная |
| Microsoft Media-Wiki Extensions | CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | Важная |
| Microsoft Office | CVE-2023-33148 | Microsoft Office Elevation of Privilege Vulnerability | Важная |
| Microsoft Office | CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability | Важная |
| Microsoft Office | CVE-2023-33150 | Microsoft Office Security Feature Bypass Vulnerability | Важная |
| Microsoft Office Access | CVE-2023-33152 | Microsoft ActiveX Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2023-33158 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2023-33161 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability | Важная |
| Microsoft Office Outlook | CVE-2023-33151 | Microsoft Outlook Spoofing Vulnerability | Важная |
| Microsoft Office Outlook | CVE-2023-33153 | Microsoft Outlook Remote Code Execution Vulnerability | Важная |
| Microsoft Office Outlook | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2023-33134 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Критическая |
| Microsoft Office SharePoint | CVE-2023-33165 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability | Критическая |
| Microsoft Office SharePoint | CVE-2023-33159 | Microsoft SharePoint Server Spoofing Vulnerability | Важная |
| Microsoft Power Apps | CVE-2023-32052 | Microsoft Power Apps Spoofing Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-32085 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-35302 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-35296 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-35324 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-32040 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-35306 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Printer Drivers | CVE-2023-32039 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Важная |
| Microsoft Windows Codecs Library | CVE-2023-35303 | USB Audio Class System Driver Remote Code Execution Vulnerability | Важная |
| Microsoft Windows Codecs Library | CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability | Важная |
| Microsoft Windows Codecs Library | CVE-2023-32051 | Raw Image Extension Remote Code Execution Vulnerability | Важная |
| Mono Authenticode | CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability | Важная |
| Paint 3D | CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability | Важная |
| Paint 3D | CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability | Важная |
| Role: DNS Server | CVE-2023-35310 | Windows DNS Server Remote Code Execution Vulnerability | Важная |
| Role: DNS Server | CVE-2023-35346 | Windows DNS Server Remote Code Execution Vulnerability | Важная |
| Role: DNS Server | CVE-2023-35345 | Windows DNS Server Remote Code Execution Vulnerability | Важная |
| Role: DNS Server | CVE-2023-35344 | Windows DNS Server Remote Code Execution Vulnerability | Важная |
| Service Fabric | CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability | Важная |
| Visual Studio Code | CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Важная |
| Windows Active Directory Certificate Services | CVE-2023-35351 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Важная |
| Windows Active Directory Certificate Services | CVE-2023-35350 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Важная |
| Windows Active Template Library | CVE-2023-32055 | Active Template Library Elevation of Privilege Vulnerability | Важная |
| Windows Admin Center | CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability | Важная |
| Windows App Store | CVE-2023-35347 | Microsoft Install Service Elevation of Privilege Vulnerability | Важная |
| Windows Authentication Methods | CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability | Важная |
| Windows CDP User Components | CVE-2023-35326 | Windows CDP User Components Information Disclosure Vulnerability | Важная |
| Windows Certificates | ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously | Неизвестно |
| Windows Clip Service | CVE-2023-35362 | Windows Clip Service Elevation of Privilege Vulnerability | Важная |
| Windows Cloud Files Mini Filter Driver | CVE-2023-33155 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Важная |
| Windows Cluster Server | CVE-2023-32033 | Microsoft Failover Cluster Remote Code Execution Vulnerability | Важная |
| Windows CNG Key Isolation Service | CVE-2023-35340 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Важная |
| Windows Common Log File System Driver | CVE-2023-35299 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Важная |
| Windows Connected User Experiences and Telemetry | CVE-2023-35320 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Важная |
| Windows Connected User Experiences and Telemetry | CVE-2023-35353 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Важная |
| Windows CryptoAPI | CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability | Важная |
| Windows Cryptographic Services | CVE-2023-33174 | Windows Cryptographic Information Disclosure Vulnerability | Важная |
| Windows Defender | CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | Важная |
| Windows Deployment Services | CVE-2023-35322 | Windows Deployment Services Remote Code Execution Vulnerability | Важная |
| Windows Deployment Services | CVE-2023-35321 | Windows Deployment Services Denial of Service Vulnerability | Важная |
| Windows EFI Partition | ADV230002 | Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules | Важная |
| Windows Error Reporting | CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Важная |
| Windows Failover Cluster | CVE-2023-32083 | Microsoft Failover Cluster Information Disclosure Vulnerability | Важная |
| Windows Geolocation Service | CVE-2023-35343 | Windows Geolocation Service Remote Code Execution Vulnerability | Важная |
| Windows HTTP.sys | CVE-2023-32084 | HTTP.sys Denial of Service Vulnerability | Важная |
| Windows HTTP.sys | CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability | Важная |
| Windows Image Acquisition | CVE-2023-35342 | Windows Image Acquisition Elevation of Privilege Vulnerability | Важная |
| Windows Installer | CVE-2023-32053 | Windows Installer Elevation of Privilege Vulnerability | Важная |
| Windows Installer | CVE-2023-32050 | Windows Installer Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35304 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35363 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35305 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35356 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35357 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2023-35358 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Layer 2 Tunneling Protocol | CVE-2023-32037 | Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | Важная |
| Windows Layer-2 Bridge Network Driver | CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Критическая |
| Windows Local Security Authority (LSA) | CVE-2023-35331 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Важная |
| Windows Media | CVE-2023-35341 | Microsoft DirectMusic Information Disclosure Vulnerability | Важная |
| Windows Message Queuing | CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability | Критическая |
| Windows Message Queuing | CVE-2023-35309 | Microsoft Message Queuing Remote Code Execution Vulnerability | Важная |
| Windows Message Queuing | CVE-2023-32045 | Microsoft Message Queuing Denial of Service Vulnerability | Важная |
| Windows Message Queuing | CVE-2023-32044 | Microsoft Message Queuing Denial of Service Vulnerability | Важная |
| Windows MSHTML Platform | CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability | Важная |
| Windows MSHTML Platform | CVE-2023-35336 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Важная |
| Windows MSHTML Platform | CVE-2023-35308 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Важная |
| Windows Netlogon | CVE-2023-21526 | Windows Netlogon Information Disclosure Vulnerability | Важная |
| Windows Network Load Balancing | CVE-2023-33163 | Windows Network Load Balancing Remote Code Execution Vulnerability | Важная |
| Windows NT OS Kernel | CVE-2023-35361 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows NT OS Kernel | CVE-2023-35364 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows NT OS Kernel | CVE-2023-35360 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows ODBC Driver | CVE-2023-32038 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Важная |
| Windows OLE | CVE-2023-32042 | OLE Automation Information Disclosure Vulnerability | Важная |
| Windows Online Certificate Status Protocol (OCSP) SnapIn | CVE-2023-35323 | Windows OLE Remote Code Execution Vulnerability | Важная |
| Windows Online Certificate Status Protocol (OCSP) SnapIn | CVE-2023-35313 | Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | Важная |
| Windows Partition Management Driver | CVE-2023-33154 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Важная |
| Windows Peer Name Resolution Protocol | CVE-2023-35338 | Windows Peer Name Resolution Protocol Denial of Service Vulnerability | Важная |
| Windows PGM | CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Критическая |
| Windows Print Spooler Components | CVE-2023-35325 | Windows Print Spooler Information Disclosure Vulnerability | Важная |
| Windows Remote Desktop | CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Критическая |
| Windows Remote Desktop | CVE-2023-32043 | Windows Remote Desktop Security Feature Bypass Vulnerability | Важная |
| Windows Remote Desktop | CVE-2023-35332 | Windows Remote Desktop Protocol Security Feature Bypass | Важная |
| Windows Remote Procedure Call | CVE-2023-35300 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33168 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33173 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33172 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-32035 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33166 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-32034 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33167 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33169 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-35318 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-33164 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-35319 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-35316 | Remote Procedure Call Runtime Information Disclosure Vulnerability | Важная |
| Windows Remote Procedure Call | CVE-2023-35314 | Remote Procedure Call Runtime Denial of Service Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Критическая |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Критическая |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Критическая |
| Windows Server Update Service | CVE-2023-35317 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Важная |
| Windows Server Update Service | CVE-2023-32056 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Важная |
| Windows SmartScreen | CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability | Важная |
| Windows SPNEGO Extended Negotiation | CVE-2023-35330 | Windows Extended Negotiation Denial of Service Vulnerability | Важная |
| Windows Transaction Manager | CVE-2023-35328 | Windows Transaction Manager Elevation of Privilege Vulnerability | Важная |
| Windows Update Orchestrator Service | CVE-2023-32041 | Windows Update Orchestrator Service Information Disclosure Vulnerability | Важная |
| Windows VOLSNAP.SYS | CVE-2023-35312 | Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | Важная |
| Windows Volume Shadow Copy | CVE-2023-32054 | Volume Shadow Copy Elevation of Privilege Vulnerability | Важная |
| Windows Win32K | CVE-2023-35337 | Win32k Elevation of Privilege Vulnerability | Важная |
