2023年8月16日星期三

Microsoft Monthly Security Update (June 2023)

Last Update Date: 16 Aug 2023 Release Date: 14 Jun 2023

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

[Updated on 2023-06-21]

Installation of the June 2023 Windows update will not enable the resolution of the CVE-2023-32019 vulnerability. To enable the resolution, please refer to the following reference link: https://support.microsoft.com/en-gb/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080

 

[Updated on 2023-08-16]

Microsoft has been released the mitigation of CVE-2023-32019 vulnerability enabled by default. To apply the enabled by default resolution, install the August 2023 Windows update that is dated on or after August 8, 2023. No further user action is required.

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserMedium Risk Medium RiskSecurity Restriction Bypass
Elevation of Privilege
Information Disclosure		 
Exchange ServerMedium Risk Medium RiskRemote Code Execution 
Microsoft DynamicsLow Risk Low RiskSpoofing 
Developer ToolsMedium Risk Medium RiskRemote Code Execution
Denial of Service
Information Disclosure
Spoofing
Elevation of Privilege		 
WindowsMedium Risk Medium RiskDenial of Service
Elevation of Privilege
Security Restriction Bypass
Information Disclosure
Remote Code Execution
Spoofing		 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Denial of Service
Spoofing		 
AzureLow Risk Low RiskSpoofing 
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Remote Code Execution
Denial of Service
Information Disclosure
Spoofing		 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 6

Number of 'Low Risk' product(s): 2

Evaluation of overall 'Risk Level': Medium Risk

 

Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Spoofing
  • Security Restriction Bypass

System / Technologies affected

  • Browser
  • Exchange Server
  • Microsoft Dynamics
  • Developer Tools
  • Windows
  • Microsoft Office
  • Azure
  • Extended Security Updates (ESU)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

沒有留言:

發佈留言

訂閱: 發佈留言 (Atom)

Apache Tomcat 多個漏洞

Apache Tomcat 多個漏洞 發佈日期: 2025年06月18日 風險: 中度風險 類型: 伺服器 - 網站伺服器 於 Apache T...