Microsoft’s Patch Tuesday for June 2023 addresses 78 vulnerabilities, a significant increase from last month’s total of 37. While six of the flaws are critical, Microsoft says none are currently being exploited in the wild.<\/p>\n\n\n\n
The six critical vulnerabilities are as follows:<\/p>\n\n\n\n
Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, noted in a blog post<\/a> that this is the third month in a row in which Windows Pragmatic General Multicast (PGM) has had a flaw addressed with a CVSS score of 9.8. “While not enabled by default, PGM isn’t an uncommon configuration,” he wrote. “Let’s hope these bugs get fixed before any active exploitation starts.”<\/p>\n\n\n\n Action1 vice president of vulnerability and threat research Mike Walters separately observed<\/a> that the three PGM flaws can be exploited over the network without requiring privileges or user interaction.<\/p>\n\n\n\n “To mitigate this vulnerability, consider checking if the Message Queuing service is running on TCP port 1801 and disable it if not needed,” Walters advised. “However, be cautious as this may impact system functionality. It is generally recommended to install the available patch instead of relying solely on mitigation strategies.”<\/p>\n\n\n\n Exploitation of the SharePoint Server flaw CVE-2023-29357, Walters noted, also requires no privileges or user interaction. “Customers using Microsoft Defender and the AMSI integration feature in their SharePoint Server farm(s) are protected against this vulnerability,” he wrote. “While there are no confirmed cases of exploitation yet, Microsoft warns that the likelihood of exploitation is high. It is essential for organizations using SharePoint 2019 to apply the patch to mitigate this serious vulnerability.”<\/p>\n\n\n\n Rapid7 lead software engineer Adam Barnett pointed out by email that while the FAQ provided with Microsoft’s advisory for CVE-2023-29357 states that both SharePoint Enterprise Server 2016 and SharePoint Server 2019 are vulnerable, no related patches are listed for SharePoint 2016.<\/p>\n\n\n\n “Defenders responsible for SharePoint 2016 will no doubt wish to follow up on this one as a matter of some urgency,” Barnett wrote. “Microsoft also explains that there may be more than one patch listed for a particular version of SharePoint, and that every patch must be installed to remediate this vulnerability (although order of patching doesn’t matter).”<\/p>\n\n\n\n Regarding CVE-2023-24897, Barnett observed that exploitation of the flaw in .NET, .NET Framework and Visual Studio requires the attacker to trick a victim into opening a specially-crafted malicious file.<\/p>\n\n\n\n “Although Microsoft has no knowledge of public disclosure or exploitation in the wild, and considers exploitation less likely, the long list of patches \u2013 going back as far as .NET Framework 3.5 on Windows 10 1607 \u2013 means that this vulnerability has been present for years,” he wrote.<\/p>\n\n\n\n See the <\/strong>Best Patch Management Software & Tools<\/strong><\/a><\/p>\n\n\n\n Ivanti vice president of security products Chris Goettl noted by email that two lower-severity flaws were also patched in Microsoft Exchange Server.<\/p>\n\n\n\n “CVE-2023-32031<\/a> could potentially trigger malicious code in the context of the server’s account through a network call,” Goettl wrote. “CVE-2023-28310<\/a> could allow the attacker to execute code via a PowerShell remoting session. Neither have been disclosed or exploited, but given the sophistication of threat actors who specialize in targeting Exchange Server, it is recommended not to let these linger for long.”<\/p>\n\n\n\nFlaws in SharePoint, .NET, Visual Studio<\/h2>\n\n\n\n
Other Noteworthy Flaws<\/h2>\n\n\n\n