Microsoft July Patch Tuesday: 132 Flaws Addressed Including Six Active Exploits And Thirty-Seven Remote Code Execution Vulnerabilities

• Microsoft’s July 2023 Patch Tuesday saw the release of security updates for 132 flaws, including six that are actively being exploited and 37 that are remote code execution vulnerabilities. The actively exploited vulnerabilities range from privilege elevation flaws to security feature bypass vulnerabilities.
• One particularly concerning remote code execution vulnerability in Microsoft Office and Windows remains unpatched and is currently being exploited, with the known RomCom hacking group amongst those leveraging it. Microsoft has issued guidance and recommended precautions for users until a security update can be released.

Today’s Microsoft Patch Tuesday brings significant fixes in the digital landscape, as the tech giant rolled out security updates for a total of 132 vulnerabilities. Among these flaws are six actively exploited vulnerabilities and thirty-seven remote code execution (RCE) bugs.

Out of the 37 RCE bugs identified, only nine were deemed ‘Critical’ by Microsoft. Alarming reports indicate that one of these RCE flaws remains unpatched and is currently being exploited, according to several cybersecurity firms.

The vulnerabilities are broken down as follows:

• 33 Elevation of Privilege Vulnerabilities
• 13 Security Feature Bypass Vulnerabilities
• 37 Remote Code Execution Vulnerabilities
• 19 Information Disclosure Vulnerabilities
• 22 Denial of Service Vulnerabilities
• 7 Spoofing Vulnerabilities

In an unexpected turn, no vulnerabilities within Microsoft Edge were addressed in the July round of fixes.

The most critical vulnerabilities actively exploited are listed below:

• CVE-2023-32046: This vulnerability is a privilege escalation vulnerability in the MSHTML platform in Windows. It could allow an attacker to gain elevated privileges on a vulnerable system. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 8.8 out of 10. Source: https://nvd.nist.gov/vuln/detail/CVE-2023-32046
• CVE-2023-32049: This vulnerability is a security feature bypass vulnerability in Windows Defender SmartScreen. It could allow an attacker to bypass SmartScreen protection and execute malicious code on a vulnerable system. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 8.8 out of 10. Source: https://nvd.nist.gov/vuln/detail/CVE-2023-32049
• CVE-2023-36874: This vulnerability is a remote code execution vulnerability in the Windows Kernel. It could allow an attacker to take control of a vulnerable system if they can trick the user into opening a malicious file. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 7.8 out of 10. Source: https://nvd.nist.gov/vuln/detail/CVE-2023-36874
• CVE-2023-35311: This vulnerability is a denial of service vulnerability in the Windows Print Spooler service. It could allow an attacker to crash the Print Spooler service and prevent users from printing. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 7.5 out of 10. Source: https://nvd.nist.gov/vuln/detail/CVE-2023-35311
• CVE-2023-35311: This vulnerability is a denial of service vulnerability in the Windows Print Spooler service. It could allow an attacker to crash the Print Spooler service and prevent users from printing. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 7.5 out of 10. Source: https://nvd.nist.gov/vuln/detail/CVE-2023-35311
• ADV230001: This vulnerability is a remote code execution vulnerability in the Windows Print Spooler service. It could allow an attacker to take control of a vulnerable system if they can trick the user into opening a malicious file. The affected products include Windows 10, Windows 11, and Windows Server 2022. The NVD score for this vulnerability is 9.8 out of 10. Source: https://msrc.microsoft.com/update-guide/vulnerability/ADV230001