Microsoft Releases November 2023 Security Updates

Microsoft Releases November 2023 Security Updates th.bing.com

Overview

Microsoft has released its monthly security updates for November 2023, addressing 63 vulnerabilities across its products and services. The updates include fixes for 14 critical flaws, 48 important flaws, and one moderate flaw. Among the critical flaws, six are remote code execution vulnerabilities, four are memory corruption vulnerabilities, two are elevation of privilege vulnerabilities, one is a security feature bypass vulnerability, and one is an information disclosure vulnerability.

Highlights

Some of the notable vulnerabilities fixed in this release are:

  • CVE-2023-36035: A remote code execution vulnerability in Microsoft Exchange Server that could allow an attacker to run arbitrary code on the server by sending a specially crafted email message. This vulnerability affects Exchange Server 2019, 2016, and 2013.
  • CVE-2023-36050: A remote code execution vulnerability in Microsoft Exchange Server that could allow an attacker to run arbitrary code on the server by exploiting a deserialization flaw in the Unified Messaging service. This vulnerability affects Exchange Server 2019, 2016, and 2013.
  • CVE-2023-36392: A remote code execution vulnerability in Windows DHCP Server that could allow an attacker to run arbitrary code on the server by sending a specially crafted DHCP packet. This vulnerability affects Windows Server 2022, 2019, 2016, 2012 R2, and 2008 R2 SP1.
  • CVE-2023-36406: A remote code execution vulnerability in Windows Hyper-V that could allow an attacker to run arbitrary code on the host operating system by exploiting a flaw in the virtual machine switch. This vulnerability affects Windows 10, Windows 8.1, Windows Server 2022, 2019, 2016, 2012 R2, and 2008 R2 SP1.
  • CVE-2023-36408: A remote code execution vulnerability in Microsoft Dynamics that could allow an attacker to run arbitrary code on the server by exploiting a flaw in the web services component. This vulnerability affects Dynamics 365 (on-premises) 9.0 and 8.2.

Recommendations

Microsoft recommends that users and administrators apply the security updates as soon as possible to protect their systems from potential attacks. Users can obtain the updates via the Microsoft Update Catalog, Windows Update, or other update management solutions. Administrators can also use the Microsoft Security Update Guide to find detailed information about each vulnerability and its impact, as well as the affected products and versions.

  • [Microsoft November 2023 Security Updates]2
  • [Microsoft Security Response Center]
  • [Microsoft Security Update Guide]
by Yuda Prawira

Related

Google Gemini: The AI model that can write like a human

Google Gemini: The AI model that can write like a human

Software
What is the difference between Gemini and GPT-3

What is the difference between Gemini and GPT-3

Software
Gemini: Google's Final Answer to OpenAI's ChatGPT Supremacy

Gemini: Google's Final Answer to OpenAI's ChatGPT Supremacy

Software
Google Gemini: The Next-Generation Search Engine

Google Gemini: The Next-Generation Search Engine

Software
Microsoft Office 2024: What's New and How to Get It

Microsoft Office 2024: What's New and How to Get It

Software
AI Chatbot Software: The Future of Customer Service

AI Chatbot Software: The Future of Customer Service

Software
ChatGPT: A New Chatbot Powered by GPT-4

ChatGPT: A New Chatbot Powered by GPT-4

Software
Mac OS 14 Sonoma: What's New and How to Get It

Mac OS 14 Sonoma: What's New and How to Get It

Software