{"id":23584,"date":"2023-12-12T15:21:05","date_gmt":"2023-12-12T23:21:05","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/12\/12\/news-17314\/"},"modified":"2023-12-12T15:21:05","modified_gmt":"2023-12-12T23:21:05","slug":"news-17314","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/12\/12\/news-17314\/","title":{"rendered":"From Microsoft to you, 33 packages"},"content":{"rendered":"<p><strong>Credit to Author: Angela Gunn| Date: Tue, 12 Dec 2023 22:12:08 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p>Microsoft on Tuesday released patches for 33 vulnerabilities, including 24 for Windows. Five other product groups are also affected. Of the CVEs addressed, just four are considered Critical in severity \u2013 at least by Microsoft. (More on that in a second.) Three of Microsoft\u2019s Critical-severity patches affect Windows, while the other one affects both Azure and Microsoft Power Platform Connector. (Connectors are proxies or wrappers around APIs that allow the underlying services to connect to each other; Microsoft has a very large ecosystem of these integration tools.)<\/p>\n<p>At patch time, none of the issues are known to be under exploit in the wild, and none have been publicly disclosed. However, fully a third of the addressed vulnerabilities in Windows and Defender \u2013 11 CVEs &#8212; are by the company\u2019s estimation more likely to be exploited in the next 30 days.<\/p>\n<p>In addition to those CVEs, Microsoft lists one official advisory, ADV990001, which covers their latest servicing stack updates. However, Edge-related issues, which are not tallied in the official count, make a strong showing this month with nine CVEs. Seven of those, including five coming to Edge through the Chromium project, were released on December 7. Of the other two released today, one elevation-of-privilege vulnerability (CVE-2023-35618) has the peculiar quality of being a mere moderate-severity issue in Microsoft\u2019s estimation, but worth a critical-class 9.6 CVSS base score. The issue requires a sandbox escape to function, and Microsoft assesses it as less likely to be exploited within the next 30 days, but we do recommend keeping Edge and other Chromium-based browsers up to date.<\/p>\n<p>We don\u2019t include Edge issues in the CVE counts and graphics below, but we\u2019ll provide information on everything in an appendix at the end of the article. We are as usual including at the end of this post three other appendices listing all Microsoft\u2019s patches, sorted by severity, by predicted exploitability, and by product family.<\/p>\n<p><strong>By the numbers<\/strong><\/p>\n<ul>\n<li>\n<li> Total Microsoft CVEs: 33\n<li> Total Microsoft advisories shipping in update: 1\n<li> Total Edge \/ Chromium issues covered in update: 9\n<li> Publicly disclosed: 0\n<li> Exploited: 0\n<li>\n<ul> Severity:<\/p>\n<li> Critical: 4\n<li> Important: 29 <\/ul>\n<li>\n<ul> Impact:<\/p>\n<li> Elevation of Privilege: 10\n<li> Remote Code Execution: 8\n<li> Denial of Service: 5\n<li> Information Disclosure: 5\n<li> Spoofing: 5 <\/ul>\n<\/ul>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-01.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-952895\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-01.png\" alt=\"A bar chart showing December 2023 patches by impact and severity, as described in text\" width=\"640\" height=\"416\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-01.png 837w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-01.png?resize=300,195 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-01.png?resize=768,499 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 1: Something you don\u2019t see every month: A Critical-class spoofing bug<\/em><\/p>\n<p><strong>Products<\/strong><\/p>\n<ul>\n<li>Windows: 24<\/li>\n<li>Office: 3<\/li>\n<li>Azure: 3 (including one shared with Power Platform)<\/li>\n<li>Dynamics 365: 2<\/li>\n<li>Defender: 1<\/li>\n<li>Power Platform: 1 (shared with Azure)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-02.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-952896\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-02.png\" alt=\"A bar chart showing the December 2023 patches sorted by product family and severity, as described in text\" width=\"640\" height=\"443\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-02.png 784w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-02.png?resize=300,208 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-02.png?resize=768,532 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 2: As usual, Windows CVEs are the bulk of the collection in December. The Critical-class vulnerability visible in both Azure and Power Platform is the same CVE, affecting both product families<\/em><\/p>\n<p><strong>Notable December updates<\/strong><\/p>\n<p>In addition to the issues discussed above, a few interesting items present themselves.<\/p>\n<p><strong>CVE-2023-36019 &#8212; Microsoft Power Platform Connector Spoofing Vulnerability<\/strong><\/p>\n<p>A Critical-severity spoofing issue? Yes, and one in need of your prompt attention \u2013 if you haven\u2019t already given it that. Connectors are crucial <a href=\"https:\/\/learn.microsoft.com\/en-us\/connectors\/connector-reference\/\">behind-the-scenes functionality<\/a> for both Power Platform and Azure, and this issue is significant enough that Microsoft has already notified affected customers about necessary protective actions starting last month. (If this doesn\u2019t ring a bell, you might not have a global administrator role or a Message center privacy reader role; for Logic Apps customer, a notification was sent via Service Health in the Azure Portal under tracking ID 3_SH-LTG.) To exploit this, an attacker would send a malicious link, or they could manipulate a link, file, or application to disguise it as a legitimate and trustworthy one. Microsoft has also published <a href=\"https:\/\/learn.microsoft.com\/en-us\/connectors\/custom-connectors\/#21-oauth-20\">further information<\/a> on mitigations and upcoming changes to authentication for customer connectors.<\/p>\n<p><strong>CVE-2023-35628 &#8212; Windows MSHTML Platform Remote Code Execution Vulnerability<\/strong><\/p>\n<p>The bad news is that this Critical-severity RCE could in some scenarios lead to a drive-by exploit, executing on the victim\u2019s machine before the victim even views a malicious email in Preview Pane, let alone actually opens it. The good news is that according to Microsoft, this vulnerability relies on some complex memory-shaping techniques to work. That said, it affects both client- and server-side operating systems from Windows 10 and Windows Server 2012 R2 forward, and Microsoft believes it&#8217;s one of the 11 more likely to be exploited within the next 30 days. Best not to delay.<\/p>\n<p><strong>CVE-2023-35619 &#8212; Microsoft Outlook for Mac Spoofing Vulnerability<br \/> CVE-2023-36009 &#8212; Microsoft Word Information Disclosure Vulnerability<\/strong><\/p>\n<p>Happy holidays, Apple folk! Microsoft Office LTSC for Mac 2021 takes two Important-severity patches this month.<\/p>\n<p><strong>CVE-2023-35638 &#8212; DHCP Server Service Denial of Service Vulnerability<br \/> CVE-2023-35643 &#8212; DHCP Server Service Information Disclosure Vulnerability<br \/> CVE-2023-36012 &#8212; DHCP Server Service Information Disclosure Vulnerability<\/strong><\/p>\n<p>The 30-year-old Dynamic Host Configuration Protocol takes three Important-severity patches this month, none of which cover the DHCP-centric PoolParty process-injection <a href=\"https:\/\/i.blackhat.com\/EU-23\/Presentations\/EU-23-Leviev-The-Pool-Party-You-Will-Never-Forget.pdf?_gl=1\">technique<\/a> demonstrated at this month\u2019s BlackHat EU.<\/p>\n<p>System administrators are reminded that it is still, overall, a slow month after a busy year of Exchange patches. If possible, this is a good time to catch up on your Exchange patch situation before the 2024 cycle begins.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-03.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-952897\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-03.png\" alt=\"A bar chart showing the cumulative totals of Microsoft patches for all twelve months of 2023; RCE and EoP have a commanding lead over all other types\" width=\"640\" height=\"414\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-03.png 835w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-03.png?resize=300,194 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/figure-03.png?resize=768,497 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<p><em>Figure 3: And as the year rolls to a close, remote code execution issues cement their position at the top of the 2023 charts<\/em><\/p>\n<p><strong>Sophos protections<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>As you can every month, if you don\u2019t want to wait for your system to pull down Microsoft\u2019s updates itself, you can download them manually from the Windows Update Catalog website. Run the <strong>winver.exe <\/strong>tool to determine which build of Windows 10 or 11 you\u2019re running, then download the Cumulative Update package for your specific system\u2019s architecture and build number.<\/p>\n<p><strong>Appendix A: Vulnerability Impact and Severity<\/strong><\/p>\n<p>This is a list of December\u2019s patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.<\/p>\n<p><strong>Elevation of Privilege (10 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35624<\/td>\n<td width=\"469\">Azure Connected Machine Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35631<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35632<\/td>\n<td width=\"469\">Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35633<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35644<\/td>\n<td width=\"469\">Windows Sysmain Service Elevation of Privilege<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36003<\/td>\n<td width=\"469\">XAML Diagnostics Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36005<\/td>\n<td width=\"469\">Windows Telephony Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36011<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36391<\/td>\n<td width=\"469\">Local Security Authority Subsystem Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36696<\/td>\n<td width=\"469\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Remote Code Execution (8 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35628<\/td>\n<td width=\"469\">Windows MSHTML Platform Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35630<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35641<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-21740<\/td>\n<td width=\"469\">Windows Media Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35629<\/td>\n<td width=\"469\">Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35634<\/td>\n<td width=\"469\">Windows Bluetooth Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35639<\/td>\n<td width=\"469\">Microsoft ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36006<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Spoofing (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36019<\/td>\n<td width=\"469\">Microsoft Power Platform Connector Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35619<\/td>\n<td width=\"469\">Microsoft Outlook for Mac Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35622<\/td>\n<td width=\"469\">Windows DNS Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36004<\/td>\n<td width=\"469\">Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36020<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Denial of Service (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35621<\/td>\n<td width=\"469\">Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35635<\/td>\n<td width=\"469\">Windows Kernel Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35638<\/td>\n<td width=\"469\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35642<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36010<\/td>\n<td width=\"469\">Microsoft Defender Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Information Disclosure (5 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35625<\/td>\n<td width=\"469\">Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35636<\/td>\n<td width=\"469\">Microsoft Outlook Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35643<\/td>\n<td width=\"469\">DHCP Server Service Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36009<\/td>\n<td width=\"469\">Microsoft Word Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36012<\/td>\n<td width=\"469\">DHCP Server Service Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Appendix B: Exploitability<\/strong><\/p>\n<p>This is a list of the December CVEs judged by Microsoft to be more likely to be exploited in the wild within the first 30 days post-release. Each list is further arranged by CVE. No CVEs addressed in the December patch collection are known to be under active exploit in the wild yet.<\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Exploitation more likely within 30 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35628<\/td>\n<td width=\"469\">Windows MSHTML Platform Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35631<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35632<\/td>\n<td width=\"469\">Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35633<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35641<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35644<\/td>\n<td width=\"469\">Windows Sysmain Service Elevation of Privilege<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36005<\/td>\n<td width=\"469\">Windows Telephony Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36010<\/td>\n<td width=\"469\">Microsoft Defender Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36011<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36391<\/td>\n<td width=\"469\">Local Security Authority Subsystem Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36696<\/td>\n<td width=\"469\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Appendix C: Products Affected<\/strong><\/p>\n<p>This is a list of December\u2019s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family.<\/p>\n<p><strong>Windows (24 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35628<\/td>\n<td width=\"469\">Windows MSHTML Platform Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35630<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35641<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-21740<\/td>\n<td width=\"469\">Windows Media Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35622<\/td>\n<td width=\"469\">Windows DNS Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35629<\/td>\n<td width=\"469\">Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35631<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35632<\/td>\n<td width=\"469\">Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35633<\/td>\n<td width=\"469\">Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35634<\/td>\n<td width=\"469\">Windows Bluetooth Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35635<\/td>\n<td width=\"469\">Windows Kernel Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35638<\/td>\n<td width=\"469\">DHCP Server Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35639<\/td>\n<td width=\"469\">Microsoft ODBC Driver Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35642<\/td>\n<td width=\"469\">Internet Connection Sharing (ICS) Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35643<\/td>\n<td width=\"469\">DHCP Server Service Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35644<\/td>\n<td width=\"469\">Windows Sysmain Service Elevation of Privilege<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36003<\/td>\n<td width=\"469\">XAML Diagnostics Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36004<\/td>\n<td width=\"469\">Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36005<\/td>\n<td width=\"469\">Windows Telephony Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36006<\/td>\n<td width=\"469\">Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36011<\/td>\n<td width=\"469\">Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36012<\/td>\n<td width=\"469\">DHCP Server Service Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36391<\/td>\n<td width=\"469\">Local Security Authority Subsystem Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36696<\/td>\n<td width=\"469\">Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Azure (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Critical severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36019<\/td>\n<td width=\"469\">Microsoft Power Platform Connector Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35624<\/td>\n<td width=\"469\">Azure Connected Machine Agent Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35625<\/td>\n<td width=\"469\">Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Office (3 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35619<\/td>\n<td width=\"469\">Microsoft Outlook for Mac Spoofing Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35636<\/td>\n<td width=\"469\">Microsoft Outlook Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36009<\/td>\n<td width=\"469\">Microsoft Word Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Dynamics 365 (2 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35621<\/td>\n<td width=\"469\">Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36020<\/td>\n<td width=\"469\">Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Defender (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36010<\/td>\n<td width=\"469\">Microsoft Defender Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Power Platform (1 CVE)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\" width=\"601\"><strong>Important severity<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36019<\/td>\n<td width=\"469\">Microsoft Power Platform Connector Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Appendix D: Advisories and Other Products<\/strong><\/p>\n<p>This is a list of advisories and information on other relevant CVEs in the December Microsoft release, sorted by product.<\/p>\n<p><strong>Microsoft Servicing Stack Updates<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">ADV990001<\/td>\n<td width=\"469\">Latest Servicing Stack Updates<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>Relevant to Edge \/ Chromium (9 CVEs)<\/strong><\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"132\">CVE-2033-6508<\/td>\n<td width=\"469\">Chromium: CVE-2023-6508 Use after free in Media Stream<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-6509<\/td>\n<td width=\"469\">Chromium: CVE-2023-6509 Use after free in Side Panel Search<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-6510<\/td>\n<td width=\"469\">Chromium: CVE-2023-6510 Use after free in Media Capture<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-6511<\/td>\n<td width=\"469\">Chromium: CVE-2023-6511 Inappropriate implementation in Autofill<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-6512<\/td>\n<td width=\"469\">Chromium: CVE-2023-6512 Inappropriate implementation in Web Browser UI<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35618<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-35637<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-36880<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td width=\"132\">CVE-2023-38174<\/td>\n<td width=\"469\">Microsoft Edge (Chromium-based) Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/12\/12\/from-microsoft-to-you-33-packages\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/12\/shutterstock_84664081.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Tue, 12 Dec 2023 22:12:08 +0000<\/strong><\/p>\n<p>The lightest December Patch Tuesday in years still brings a few lumps of coal for infosec stockings<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[20789,129,10516,19245,30601,16771],"class_list":["post-23584","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-dhcp","tag-featured","tag-microsoft","tag-patch-tuesday","tag-power-platform","tag-threat-research"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23584"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23584\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23584"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}