Deprecated: Function create_function() is deprecated in /home/phototor/domains/phototor.com/public_html/wp-content/themes/premium-photography/inc/photo-widgets.php on line 3
Microsoft July 2023 Patch released | Suman Tiwari Travellography, Cyber Security & Photography Blog Microsoft July 2023 Patch released – Suman Tiwari Travellography, Cyber Security & Photography Blog

Microsoft July 2023 Patch released

Microsoft in its July 2023 Patch Tuesday release addresses 6 zero-days and 132 flaws

Below is the list of the addressed vulnerabilities in the July 2023 Patch Tuesday release:

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2023-33127.NET and Visual Studio Elevation of Privilege VulnerabilityImportant
ASP.NET and Visual StudioCVE-2023-33170ASP.NET and Visual Studio Security Feature Bypass VulnerabilityImportant
Azure Active DirectoryCVE-2023-36871Azure Active Directory Security Feature Bypass VulnerabilityImportant
Azure Active DirectoryCVE-2023-35348Active Directory Federation Service Security Feature Bypass VulnerabilityImportant
Microsoft DynamicsCVE-2023-33171Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2023-35335Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft Graphics ComponentCVE-2023-33149Microsoft Office Graphics Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2023-21756Windows Win32k Elevation of Privilege VulnerabilityImportant
Microsoft Media-Wiki ExtensionsCVE-2023-35333MediaWiki PandocUpload Extension Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2023-33148Microsoft Office Elevation of Privilege VulnerabilityImportant
Microsoft OfficeCVE-2023-36884Office and Windows HTML Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2023-33150Microsoft Office Security Feature Bypass VulnerabilityImportant
Microsoft Office AccessCVE-2023-33152Microsoft ActiveX Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2023-33158Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2023-33161Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2023-33162Microsoft Excel Information Disclosure VulnerabilityImportant
Microsoft Office OutlookCVE-2023-33151Microsoft Outlook Spoofing VulnerabilityImportant
Microsoft Office OutlookCVE-2023-33153Microsoft Outlook Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2023-35311Microsoft Outlook Security Feature Bypass VulnerabilityImportant
Microsoft Office SharePointCVE-2023-33134Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2023-33160Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2023-33165Microsoft SharePoint Server Security Feature Bypass VulnerabilityImportant
Microsoft Office SharePointCVE-2023-33157Microsoft SharePoint Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2023-33159Microsoft SharePoint Server Spoofing VulnerabilityImportant
Microsoft Power AppsCVE-2023-32052Microsoft Power Apps Spoofing VulnerabilityImportant
Microsoft Printer DriversCVE-2023-32085Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Printer DriversCVE-2023-35302Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportant
Microsoft Printer DriversCVE-2023-35296Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Printer DriversCVE-2023-35324Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Printer DriversCVE-2023-32040Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Printer DriversCVE-2023-35306Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Printer DriversCVE-2023-32039Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2023-35303USB Audio Class System Driver Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2023-36872VP9 Video Extensions Information Disclosure VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2023-32051Raw Image Extension Remote Code Execution VulnerabilityImportant
Mono AuthenticodeCVE-2023-35373Mono Authenticode Validation Spoofing VulnerabilityImportant
Paint 3DCVE-2023-35374Paint 3D Remote Code Execution VulnerabilityImportant
Paint 3DCVE-2023-32047Paint 3D Remote Code Execution VulnerabilityImportant
Role: DNS ServerCVE-2023-35310Windows DNS Server Remote Code Execution VulnerabilityImportant
Role: DNS ServerCVE-2023-35346Windows DNS Server Remote Code Execution VulnerabilityImportant
Role: DNS ServerCVE-2023-35345Windows DNS Server Remote Code Execution VulnerabilityImportant
Role: DNS ServerCVE-2023-35344Windows DNS Server Remote Code Execution VulnerabilityImportant
Service FabricCVE-2023-36868Azure Service Fabric on Windows Information Disclosure VulnerabilityImportant
Visual Studio CodeCVE-2023-36867Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution VulnerabilityImportant
Windows Active Directory Certificate ServicesCVE-2023-35351Windows Active Directory Certificate Services (AD CS) Remote Code Execution VulnerabilityImportant
Windows Active Directory Certificate ServicesCVE-2023-35350Windows Active Directory Certificate Services (AD CS) Remote Code Execution VulnerabilityImportant
Windows Active Template LibraryCVE-2023-32055Active Template Library Elevation of Privilege VulnerabilityImportant
Windows Admin CenterCVE-2023-29347Windows Admin Center Spoofing VulnerabilityImportant
Windows App StoreCVE-2023-35347Microsoft Install Service Elevation of Privilege VulnerabilityImportant
Windows Authentication MethodsCVE-2023-35329Windows Authentication Denial of Service VulnerabilityImportant
Windows CDP User ComponentsCVE-2023-35326Windows CDP User Components Information Disclosure VulnerabilityImportant
Windows CertificatesADV230001Guidance on Microsoft Signed Drivers Being Used MaliciouslyNone
Windows Clip ServiceCVE-2023-35362Windows Clip Service Elevation of Privilege VulnerabilityImportant
Windows Cloud Files Mini Filter DriverCVE-2023-33155Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityImportant
Windows Cluster ServerCVE-2023-32033Microsoft Failover Cluster Remote Code Execution VulnerabilityImportant
Windows CNG Key Isolation ServiceCVE-2023-35340Windows CNG Key Isolation Service Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2023-35299Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Connected User Experiences and TelemetryCVE-2023-35320Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityImportant
Windows Connected User Experiences and TelemetryCVE-2023-35353Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityImportant
Windows CryptoAPICVE-2023-35339Windows CryptoAPI Denial of Service VulnerabilityImportant
Windows Cryptographic ServicesCVE-2023-33174Windows Cryptographic Information Disclosure VulnerabilityImportant
Windows DefenderCVE-2023-33156Microsoft Defender Elevation of Privilege VulnerabilityImportant
Windows Deployment ServicesCVE-2023-35322Windows Deployment Services Remote Code Execution VulnerabilityImportant
Windows Deployment ServicesCVE-2023-35321Windows Deployment Services Denial of Service VulnerabilityImportant
Windows EFI PartitionADV230002Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI ModulesImportant
Windows Error ReportingCVE-2023-36874Windows Error Reporting Service Elevation of Privilege VulnerabilityImportant
Windows Failover ClusterCVE-2023-32083Microsoft Failover Cluster Information Disclosure VulnerabilityImportant
Windows Geolocation ServiceCVE-2023-35343Windows Geolocation Service Remote Code Execution VulnerabilityImportant
Windows HTTP.sysCVE-2023-32084HTTP.sys Denial of Service VulnerabilityImportant
Windows HTTP.sysCVE-2023-35298HTTP.sys Denial of Service VulnerabilityImportant
Windows Image AcquisitionCVE-2023-35342Windows Image Acquisition Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2023-32053Windows Installer Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2023-32050Windows Installer Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35304Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35363Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35305Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35356Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35357Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2023-35358Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows Layer 2 Tunneling ProtocolCVE-2023-32037Windows Layer-2 Bridge Network Driver Information Disclosure VulnerabilityImportant
Windows Layer-2 Bridge Network DriverCVE-2023-35315Windows Layer-2 Bridge Network Driver Remote Code Execution VulnerabilityCritical
Windows Local Security Authority (LSA)CVE-2023-35331Windows Local Security Authority (LSA) Denial of Service VulnerabilityImportant
Windows MediaCVE-2023-35341Microsoft DirectMusic Information Disclosure VulnerabilityImportant
Windows Message QueuingCVE-2023-32057Microsoft Message Queuing Remote Code Execution VulnerabilityCritical
Windows Message QueuingCVE-2023-35309Microsoft Message Queuing Remote Code Execution VulnerabilityImportant
Windows Message QueuingCVE-2023-32045Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2023-32044Microsoft Message Queuing Denial of Service VulnerabilityImportant
Windows MSHTML PlatformCVE-2023-32046Windows MSHTML Platform Elevation of Privilege VulnerabilityImportant
Windows MSHTML PlatformCVE-2023-35336Windows MSHTML Platform Security Feature Bypass VulnerabilityImportant
Windows MSHTML PlatformCVE-2023-35308Windows MSHTML Platform Security Feature Bypass VulnerabilityImportant
Windows NetlogonCVE-2023-21526Windows Netlogon Information Disclosure VulnerabilityImportant
Windows Network Load BalancingCVE-2023-33163Windows Network Load Balancing Remote Code Execution VulnerabilityImportant
Windows NT OS KernelCVE-2023-35361Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows NT OS KernelCVE-2023-35364Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows NT OS KernelCVE-2023-35360Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows ODBC DriverCVE-2023-32038Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Windows OLECVE-2023-32042OLE Automation Information Disclosure VulnerabilityImportant
Windows Online Certificate Status Protocol (OCSP) SnapInCVE-2023-35323Windows OLE Remote Code Execution VulnerabilityImportant
Windows Online Certificate Status Protocol (OCSP) SnapInCVE-2023-35313Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution VulnerabilityImportant
Windows Partition Management DriverCVE-2023-33154Windows Partition Management Driver Elevation of Privilege VulnerabilityImportant
Windows Peer Name Resolution ProtocolCVE-2023-35338Windows Peer Name Resolution Protocol Denial of Service VulnerabilityImportant
Windows PGMCVE-2023-35297Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCritical
Windows Print Spooler ComponentsCVE-2023-35325Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Remote DesktopCVE-2023-35352Windows Remote Desktop Security Feature Bypass VulnerabilityCritical
Windows Remote DesktopCVE-2023-32043Windows Remote Desktop Security Feature Bypass VulnerabilityImportant
Windows Remote DesktopCVE-2023-35332Windows Remote Desktop Protocol Security Feature BypassImportant
Windows Remote Procedure CallCVE-2023-35300Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33168Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33173Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33172Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-32035Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33166Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-32034Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33167Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33169Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-35318Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-33164Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-35319Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-35316Remote Procedure Call Runtime Information Disclosure VulnerabilityImportant
Windows Remote Procedure CallCVE-2023-35314Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2023-35367Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCritical
Windows Routing and Remote Access Service (RRAS)CVE-2023-35366Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCritical
Windows Routing and Remote Access Service (RRAS)CVE-2023-35365Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCritical
Windows Server Update ServiceCVE-2023-35317Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityImportant
Windows Server Update ServiceCVE-2023-32056Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityImportant
Windows SmartScreenCVE-2023-32049Windows SmartScreen Security Feature Bypass VulnerabilityImportant
Windows SPNEGO Extended NegotiationCVE-2023-35330Windows Extended Negotiation Denial of Service VulnerabilityImportant
Windows Transaction ManagerCVE-2023-35328Windows Transaction Manager Elevation of Privilege VulnerabilityImportant
Windows Update Orchestrator ServiceCVE-2023-32041Windows Update Orchestrator Service Information Disclosure VulnerabilityImportant
Windows VOLSNAP.SYSCVE-2023-35312Microsoft VOLSNAP.SYS Elevation of Privilege VulnerabilityImportant
Windows Volume Shadow CopyCVE-2023-32054Volume Shadow Copy Elevation of Privilege VulnerabilityImportant
Windows Win32KCVE-2023-35337Win32k Elevation of Privilege VulnerabilityImportant

Important Links and References:

https://support.microsoft.com/en-us/topic/july-2023-updates-for-microsoft-office-827d5944-24f9-41ea-ae02-0fa02f837e8f

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2023-patch-tuesday-warns-of-6-zero-days-132-flaws/

https://msrc.microsoft.com/update-guide/releaseNote/2023-Jul

https://blog.qualys.com/vulnerabilities-threat-research/2023/07/11/microsoft-patch-tuesday-july-2023-security-update-review

About Author:

Suman Tiwari CPISI Exam Guide

Suman Tiwari is a Cyber Security Professional by Profession and photographer by passion.

His Linkedin profile can be visited here for more details.

Leave a Reply

Your email address will not be published. Required fields are marked *