Today (12 September 2023) is the second Tuesday of the month, so it is time to look at the latest security updates from Microsoft.
As part of the September 2023 Patch Tuesday release, Microsoft has shipped cumulative updates that resolve vulnerabilities in its operating systems and other products, including the Microsoft Office productivity suite, while also addressing a series of other bugs related to performance and usability. Let’s look at the highlights of the September 2023 Microsoft Patch Tuesday update for Windows 11 and Windows 10.
What is Patch Tuesday?
Patch Tuesday is the colloquial term for Microsoft’s Update Tuesday, the day on which Microsoft publishes its monthly security updates. It falls on the second Tuesday of every month.
Microsoft Patch Tuesday update September 2023
Today’s release fixes 66 vulnerabilities in Windows, Office, and other components. Five of them are rated Critical (elevation of privilege, spoofing, or remote code execution), 54 are rated Important, and one is rated Moderate. Two of the flaws fixed this month were being actively exploited in the wild as zero-days.
As per the release notes, the September 2023 Patch Tuesday update fixes 17 Elevation of Privilege vulnerabilities, 4 Security Feature Bypass vulnerabilities, 24 Remote Code Execution bugs, 9 Information Disclosure vulnerabilities, 3 Denial of Service vulnerabilities, and 5 Spoofing vulnerabilities.
The two actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
- CVE-2023-36802: Important-rated vulnerability with a CVSS score of 7.8
- Affected Component: Microsoft Streaming Service Proxy, related to Microsoft Stream
- Proof-of-concept not publicly released as of now
- Potential Exploitation: Grants attacker SYSTEM privileges
- Exploited in the wild as a zero-day
- Discovery Credits:
- Valentina Palmiotti from IBM X-Force
- Quan Jin and ze0r from DBAPPSecurity WeBin Lab
- Microsoft Security Response Center (MSRC) and Microsoft Threat Intelligence
CVE-2023-36761 – Microsoft Word Information Disclosure Vulnerability
- CVE-2023-36761: Important-rated vulnerability with a CVSS score of 6.2
- Affected Component: Microsoft Office Word
- Vulnerability Type: Information disclosure, specifically NTLM hashes
- Exploitation Method: Utilizing the preview pane when opening a document
- Potential Consequence: Attacker obtains the user’s NTLM hash, which can be used to authenticate as that account
- Exploitation Use Cases: Cracking the hashes or employing them in an NTLM relay attack
- Flaw Details: Publicly disclosed
The attack pattern is the same NTLM-hash leak seen with CVE-2023-23397, the Outlook vulnerability patched in March 2023, which Microsoft said was exploited as a zero-day by a Russia-based threat actor.
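Patching Word closes the trigger, but the leaked credential only matters if the victim host is allowed to send NTLM to an attacker-controlled server in the first place. The following PowerShell is an added example, not code from the original article or from Microsoft: it audits two host-side controls that blunt this class of leak, the "Restrict NTLM: Outgoing NTLM traffic to remote servers" policy and an outbound firewall block on SMB (TCP 445) toward non-intranet addresses, and can optionally apply them. The registry path, value name and value meanings are the documented ones; the firewall rule name and the function names are this example’s own assumptions.

```powershell
# Added example: audit (and optionally apply) host-side mitigations against
# NTLM-hash leaks such as the one described for CVE-2023-36761.
# Run from an elevated PowerShell prompt when using -Apply.

$Msv1Key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$RuleName = 'Block outbound SMB to Internet (NTLM leak mitigation)'   # assumed rule name

function Get-OutgoingNtlmPolicy {
    # RestrictSendingNTLMTraffic: 0 = allow all, 1 = audit all, 2 = deny all.
    # A missing value means "not configured", which behaves like 0.
    $value = (Get-ItemProperty -Path $Msv1Key -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
    switch ($value) {
        2       { 'Deny all' }
        1       { 'Audit all' }
        default { 'Allow all (not configured)' }
    }
}

function Test-OutboundSmbBlocked {
    # True if an enabled outbound rule blocks TCP 445 (or all TCP ports).
    $rules = Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True -ErrorAction SilentlyContinue
    foreach ($rule in $rules) {
        $port = $rule | Get-NetFirewallPortFilter
        if ($port.Protocol -eq 'TCP' -and ($port.RemotePort -contains '445' -or $port.RemotePort -eq 'Any')) {
            return $true
        }
    }
    return $false
}

function Set-NtlmLeakMitigations {
    param([switch]$Apply)   # without -Apply, only report the current state

    $before = [pscustomobject]@{
        OutgoingNtlmPolicy = Get-OutgoingNtlmPolicy
        OutboundSmbBlocked = Test-OutboundSmbBlocked
    }
    if (-not $Apply) { return $before }

    # Start with audit (1) rather than deny (2): denying outgoing NTLM outright
    # breaks access to any server that still only accepts NTLM. Review the
    # audit events before moving to 2.
    if ($before.OutgoingNtlmPolicy -eq 'Allow all (not configured)') {
        New-ItemProperty -Path $Msv1Key -Name RestrictSendingNTLMTraffic `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }

    # Block SMB to Internet addresses only, so file servers on the intranet
    # keep working. The "Internet" keyword relies on Windows' network
    # classification; many environments block TCP 445 at the perimeter instead.
    if (-not $before.OutboundSmbBlocked) {
        New-NetFirewallRule -DisplayName $RuleName -Direction Outbound -Action Block `
            -Protocol TCP -RemotePort 445 -RemoteAddress Internet -Profile Any | Out-Null
    }

    [pscustomobject]@{
        OutgoingNtlmPolicy = Get-OutgoingNtlmPolicy
        OutboundSmbBlocked = Test-OutboundSmbBlocked
    }
}

Set-NtlmLeakMitigations           # report only
# Set-NtlmLeakMitigations -Apply  # apply audit policy and firewall rule
```

Note that neither control stops the hash from being requested; they stop it from leaving the host over SMB, which is what makes the cracking and relay scenarios above possible. WebDAV (HTTP) is a separate outbound path and is not covered by the 445 rule.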
Also worth noting are CVE-2023-36744, CVE-2023-36745 and CVE-2023-36756, three remote code execution vulnerabilities in Microsoft Exchange Server. Successful exploitation requires the attacker to be authenticated with LAN access and to hold valid credentials for an Exchange user.
CVE-2023-38143 and CVE-2023-38144 are elevation of privilege vulnerabilities in the Windows Common Log File System (CLFS) driver. An authenticated attacker could exploit them to gain SYSTEM privileges.
Update for Windows client versions
The vulnerability counts for the supported client versions of Windows 10 and Windows 11 are:
Windows 10 version 21H2 and 22H2: 16 vulnerabilities, 1 critical and 15 important.
- Internet Connection Sharing (ICS) Remote Code Execution Vulnerability — CVE-2023-38148
Windows 11 version 22H2: 18 vulnerabilities, 1 critical and 17 important.
The Critical one is the same Internet Connection Sharing (ICS) Remote Code Execution Vulnerability as on Windows 10, CVE-2023-38148.
Recent updates from other companies
Third-party vendors such as Citrix, Fortinet, Google, Cisco, and SAP have released updates since last month’s Patch Tuesday.
- Apple fixed a new zero-day exploit chain called BLASTPASS that was used in attacks to install the Pegasus spyware.
- Atlas VPN is preparing a fix for a zero-day in its Linux client that can expose the user’s actual IP address.
- Asus fixed three critical remote code execution bugs in the RT-AX55, RT-AX56U_V2, and RT-AC86U routers.
- Cisco released security updates for various products and warned of a zero-day in Cisco ASA devices.
- Google released the Android September 2023 and Chrome updates to fix actively exploited vulnerabilities.
- MSI released BIOS updates to fix ‘UNSUPPORTED_PROCESSOR’ errors in Windows.
- Notepad++ 8.5.7 was released to fix four security vulnerabilities.
- SAP has released its September 2023 Patch Day updates.
- VMware fixed a VMware Tools vulnerability.
Windows security updates September 2023
September 2023 (Patch Tuesday) Windows security updates are the following:
- KB5030219 (OS Build 22621.2283) for the latest Windows 11 version 22H2
- KB5030217 (OS Build 22000.2416) for the latest Windows 11 version 21H2
- KB5030211 (OS Builds 19044.3448 and 19045.3448) for Windows 10 versions 21H2 and 22H2
- KB5030214 (OS Build 17763.4851) for the latest Windows 10 version 1809
These are cumulative security updates; apart from the security fixes they carry only the minor quality changes summarized below.
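Because each cumulative update raises the OS build revision (the number after the dot), the quickest way to confirm a machine has this month’s update is to compare its build against the builds listed above. The following PowerShell is an added example, not from the original article: the build-to-KB table is taken from the list above, while the function names and output format are this example’s own.

```powershell
# Added example: check whether this host is at or above the OS build that
# Microsoft's September 2023 cumulative update produces.

# Build table from the article's update list (major build -> KB and revision).
$September2023Builds = @{
    '22621' = @{ KB = 'KB5030219'; UBR = 2283; Name = 'Windows 11 22H2' }
    '22000' = @{ KB = 'KB5030217'; UBR = 2416; Name = 'Windows 11 21H2' }
    '19045' = @{ KB = 'KB5030211'; UBR = 3448; Name = 'Windows 10 22H2' }
    '19044' = @{ KB = 'KB5030211'; UBR = 3448; Name = 'Windows 10 21H2' }
    '17763' = @{ KB = 'KB5030214'; UBR = 4851; Name = 'Windows 10 1809' }
}

function Get-WindowsBuildInfo {
    # CurrentBuild is the major build (e.g. 22621); UBR is the revision that
    # every cumulative update increases (e.g. 2283). Both live in the registry.
    $key = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [pscustomobject]@{
        Build = [string]$key.CurrentBuild
        UBR   = [int]$key.UBR
    }
}

function Test-September2023Patched {
    param([string]$Build, [int]$UBR)

    $expected = $September2023Builds[$Build]
    if (-not $expected) {
        return [pscustomobject]@{ Build = "$Build.$UBR"; Status = 'Build not in table' }
    }
    # Revisions only increase, so a UBR at or above the published one means
    # this update, or a later cumulative update that supersedes it, is installed.
    $status = if ($UBR -ge $expected.UBR) { 'Patched' } else { "Missing $($expected.KB)" }
    [pscustomobject]@{
        OS     = $expected.Name
        Build  = "$Build.$UBR"
        Wanted = "$Build.$($expected.UBR)"
        Status = $status
    }
}

# Check the local machine.
$info = Get-WindowsBuildInfo
Test-September2023Patched -Build $info.Build -UBR $info.UBR | Format-List

# Cross-check against the hotfix inventory (absent if a later LCU replaced it).
$kb = $September2023Builds[$info.Build].KB
if ($kb) {
    Get-HotFix -Id $kb -ErrorAction SilentlyContinue | Select-Object HotFixID, InstalledOn
}
```

The build comparison is the more reliable signal: a host that already received the October 2023 cumulative update will report a higher revision and no longer list KB5030219 in `Get-HotFix`, yet is still protected, because each cumulative update contains the previous ones.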
For Windows 11 version 22H2, there is a new Cumulative Update KB5030219 that advances the build number to 22621.2283 and addresses security issues for your Windows operating system.
This update brings several key improvements to Windows 11. It resolves issues with the Resultant Set of Policy (RSoP) report when enabling optional updates and introduces a new policy for better control over their installation.
Additionally, it enhances the search experience by adding highlights and refining the search bar’s behavior. Users will also notice improved Narrator accuracy in identifying search results.
Together these changes mainly benefit users who rely on Windows search.
You can read the complete changelog here.
KB5030211 for Windows 10 version 22H2 advances the build number to 19045.3448 and focuses on security fixes and minor improvements.
This update brings several valuable enhancements to Windows 10. It introduces a new Windows Backup app for efficient app and file management, ensuring easy recovery.
Improved location detection enhances weather, news, and traffic information accuracy. Notable additions include notification badging for Microsoft accounts on the Start menu and support for daylight saving time changes in Israel.
Additionally, fixes have been implemented for the search box and the Group Policy Service, addressing delays in policy processing and network availability.
This update also addresses an issue where settings might not sync even though sync was turned on in the Windows Backup page of the Settings app.
You can read the complete changelog on the Microsoft support page for KB5030211.
Microsoft Security update download September 2023
All of these September 2023 Patch Tuesday updates are downloaded and installed automatically through Windows Update. To get them immediately, open Settings, go to Windows Update and select Check for updates.
Microsoft has published download links for Windows update offline installers if you prefer manual installation over Windows Update.
- Windows 11 KB5030219 (Version 22H2) offline installer Direct Download Link 64-bit.
- Windows 11 KB5030217 (Version 21H2) offline installer Direct Download Link 64-bit.
- Windows 10 KB5030211 (for versions 21H2 and 22H2) Direct Download Links: 64-bit and 32-bit (x86).
- Windows 10 KB5030214 (for version 1809) offline download links.
If you run into trouble installing these updates, check the Windows 10 update troubleshooting guide for cases where KB5030211 is stuck downloading or fails to install with an error.
FAQ on Patch Tuesday update
What is Patch Tuesday?
- Patch Tuesday is the colloquial term for Microsoft’s Update Tuesday which falls on the second Tuesday of every month.
When is Patch Tuesday?
- Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on 10 October 2023.
What is patching and why is it important?
- Patches are pieces of software code that fix a bug in an application or operating system, often one that would otherwise be exploitable as a vulnerability.
What kind of patch updates are released during Patch Tuesday?
- Predominantly security updates, each labeled with a severity rating of Critical, Important, Moderate or Low.
What are CVE IDs?
- A CVE ID (Common Vulnerabilities and Exposures identifier) is the standard identifier assigned to each publicly disclosed vulnerability; CVE entries are cataloged and enriched with severity data in the National Vulnerability Database (NVD).