- Home
- Alerts & Advisories
- Alerts
- July 2023 Monthly Patch
Monthly Patch
July 2023 Monthly Patch
12 July 2023
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
The vulnerabilities that have been classified as Critical in severity are listed in the table below.
Microsoft is also aware of active exploitation of CVE-2023-36884, an unpatched zero-day vulnerability impacting Windows and Office products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code using specially crafted Microsoft Office documents. Mitigation measures provided by Microsoft for CVE-2023-36884 can be found here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884.
More information is available at:
https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/
For the full list of security patches released by Microsoft, please refer to https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-Jul
Critical vulnerabilities
CVE Number | CVE Name | Base Score | Reference |
|---|---|---|---|
CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057 |
CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367 |
CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35366 |
CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35365 |
CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33160 |
CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability | 8.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157 |
CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | 8.8 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315 |
CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 7.5 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35297 |
CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability | 7.5 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35352 |