Microsoft Security Bulletin Coverage for August 2023

The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of August 2023. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2023-35359 Windows Kernel Elevation of Privilege Vulnerability
ASPY 467: Exploit-exe exe.MP_334

CVE-2023-35380 Windows Kernel Elevation of Privilege Vulnerability
ASPY 465: Exploit-exe exe.MP_332

CVE-2023-35382 Windows Kernel Elevation of Privilege Vulnerability
ASPY 466: Exploit-exe exe.MP_333

CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability
IPS 15908: Windows HTML Platforms Security Feature Bypass (CVE-2023-35384)

CVE-2023-35386 Windows Kernel Elevation of Privilege Vulnerability
ASPY 469: Exploit-exe exe.MP_336

CVE-2023-36900 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 470: Exploit-exe exe.MP_337

The following vulnerabilities do not have exploits in the wild:
CVE-2023-21709 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-29328 Microsoft Teams Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-29330 Microsoft Teams Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35368 Microsoft Exchange Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35371 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35372 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35376 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-35377 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-35378 Windows Projected File System Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-35379 Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-35381 Windows Fax Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35383 Microsoft Message Queuing Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-35385 Microsoft Message Queuing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35387 Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-35388 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35389 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35390 .NET and Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35391 ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-35393 Azure Apache Hive Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-35394 Azure HDInsight Jupyter Notebook Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36865 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36866 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36869 Azure DevOps Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36873 .NET Framework Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36876 Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36877 Azure Apache Oozie Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36881 Azure Apache Ambari Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36882 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36889 Windows Group Policy Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-36890 Microsoft SharePoint Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36891 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36892 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36893 Microsoft Outlook Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36894 Microsoft SharePoint Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36895 Microsoft Outlook Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36896 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36897 Visual Studio Tools for Office Runtime Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36898 Tablet Windows User Interface Application Core Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36899 ASP.NET Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36903 Windows System Assessment Tool Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36904 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36905 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36906 Windows Cryptographic Services Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36907 Windows Cryptographic Services Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36908 Windows Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36909 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-36910 Microsoft Message Queuing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36911 Microsoft Message Queuing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36912 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-36913 Microsoft Message Queuing Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36914 Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-38154 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38167 Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38169 Microsoft OLE DB Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38170 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38172 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-38175 Microsoft Windows Defender Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38176 Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38178 .NET Core and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-38180 .NET and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-38181 Microsoft Exchange Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-38182 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38184 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38185 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38186 Windows Mobile Device Management Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38188 Azure Apache Hadoop Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-38254 Microsoft Message Queuing Denial of Service Vulnerability
There are no known exploits in the wild.
