Microsoft Security Bulletin Coverage for September 2023

The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of September 2023. The issues reported, along with SonicWall coverage information, are as follows:

CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
ASPY 476: Exploit-exe exe.MP_338

CVE-2023-38142 Windows Kernel Elevation of Privilege Vulnerability
ASPY 479: Exploit-py py.MP_3

CVE-2023-38143 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 477: Exploit-exe exe.MP_339

CVE-2023-38144 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 478: Exploit-exe exe.MP_340

CVE-2023-38148 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
IPS 4033: Windows ICS Remote Code Execution (CVE-2023-38148)

CVE-2023-38152 DHCP Server Service Information Disclosure Vulnerability
IPS 4032: Windows DHCP Server Information Disclosure (CVE-2023-38152)

The following vulnerabilities are under investigation:
CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability
There are exploits in the wild; SonicWall is investigating this CVE.

The following vulnerabilities do not have exploits in the wild:
CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-33136 Azure DevOps Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-35355 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36736 Microsoft Identity Linux Broker Arbitrary Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36739 3D Viewer Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36740 3D Viewer Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36742 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36744 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36745 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36756 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36757 Microsoft Exchange Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-36758 Visual Studio Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36759 Visual Studio Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36760 3D Viewer Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36762 Microsoft Word Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36763 Microsoft Outlook Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36764 Microsoft SharePoint Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36765 Microsoft Office Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36766 Microsoft Excel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36767 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-36770 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36771 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36772 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36773 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36777 Microsoft Exchange Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36788 .NET Framework Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36792 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36793 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36794 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36796 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-36800 Dynamics Finance and Operations Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-36801 DHCP Server Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36803 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-36804 Windows GDI Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-36805 Windows MSHTML Platform Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-36886 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-38139 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38140 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-38141 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38146 Windows Themes Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38147 Windows Miracast Wireless Display Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-38149 Windows TCP/IP Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-38150 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38155 Azure DevOps Server and Team Foundation Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38156 Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38160 Windows TCP/IP Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-38161 Windows GDI Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-38162 DHCP Server Service Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-38163 Windows Defender Attack Surface Reduction Security Feature Bypass
There are no known exploits in the wild.
CVE-2023-38164 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-41764 Microsoft Office Spoofing Vulnerability
There are no known exploits in the wild.

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.