Microsoft’s September 2023 Patch Tuesday Addresses 2 Zero-Days, 59 Vulnerabilities

Microsoft has released its latest release of security updates for September 2023. In its most recent Patch Tuesday, the tech giant has addressed a total of 52 vulnerabilities, including two zero-day vulnerabilities actively exploited by malicious actors. Among these vulnerabilities, 24 were classified as remote code execution (RCE) vulnerabilities, with five of them carrying the “Critical” rating. In this article, we will delve into the specifics of the updates and discuss how to safeguard your systems against these potential threats. 

What’s the update from Microsoft?

The two actively exploited zero-day vulnerabilities can be found below:  

• CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability: This vulnerability poses a severe threat, as it could potentially allow attackers to elevate their privileges to SYSTEM level. In simpler terms, it grants malicious actors nearly unrestricted access to the compromised system, making it a critical issue that requires immediate attention. 

• CVE-2023-36761 – Microsoft Word Information Disclosure Vulnerability: This particular vulnerability targets Microsoft Word and can result in the unauthorized extraction of NTLM hashes when a document is opened, even when viewed in the preview pane. NTLM hashes are sensitive credentials that, if compromised, can lead to a variety of security breaches and unauthorized access.  

For a comprehensive list of all resolved vulnerabilities in the September 2023 Patch Tuesday updates, please refer to the full report provided by Microsoft. 

What is Nuspire doing?

At Nuspire, we understand the significance of timely patching and vigilant threat detection. As part of our commitment to ensuring the security of our clients, we actively apply patches as soon as they are released, following vendor recommendations. Additionally, we continuously engage in threat hunting within client environments to proactively identify any indications of compromise. 

How should I protect myself from these vulnerabilities?

Given the gravity of the situation, it is imperative that organizations take immediate action to protect their systems and data. Here are some steps you can take: 

Review Microsoft’s September 2023 Security Updates

The first and most crucial step is to thoroughly review the security updates released by Microsoft for September 2023. Understanding what vulnerabilities are being addressed is essential to prioritize your patching efforts effectively. 

Apply Patches Promptly 

Once you have identified the vulnerabilities that affect your systems, take swift action to apply the relevant patches. This will help close the door to potential threats and vulnerabilities that could otherwise be exploited by cybercriminals. 

Focus on Actively Exploited Vulnerabilities

Given the active exploitation of the two zero-day vulnerabilities mentioned earlier, it is paramount that these receive immediate attention. Prioritize patching these vulnerabilities to reduce the risk of falling victim to attacks targeting them. 

Explore Workarounds and Mitigations

In cases where immediate patching is not possible due to operational constraints or compatibility issues, Microsoft often provides workarounds and mitigations for specific CVEs. Reviewing these can offer interim solutions to protect your systems while you plan for the full patching process. 

Regularly Scan for Unpatched Systems

In addition to patching, it’s essential to maintain a proactive security posture by regularly scanning your environment to identify any systems that have not yet received the necessary updates. This ensures that no vulnerable systems are left exposed.  

Microsoft’s September 2023 Patch Tuesday updates are a testament to the ongoing battle against cyber threats. By promptly applying these updates, focusing on actively exploited vulnerabilities and implementing necessary workarounds, organizations can significantly enhance their cybersecurity posture and minimize the risk of falling prey to malicious actors. Staying vigilant and proactive is the key to safeguarding your digital assets in an increasingly interconnected world.