Microsoft has launched its Patch Tuesday updates for August 2023, patching a complete of 74 vulnerabilities. This is a lower from the earlier month’s 132 vulnerabilities. The updates embody six Critical, 67 Important, and one Moderate severity vulnerabilities. Microsoft additionally launched two defense-in-depth updates for Microsoft Office and the Memory Integrity System Readiness Scan Tool. One of the safety flaws, tracked as CVE-2023-36884, has been actively exploited by the Russia-linked RomCom menace actor. Microsoft acknowledged that putting in the replace stops the assault chain. Other patches tackle distant code execution flaws in Microsoft Message Queuing and Microsoft Teams, in addition to spoofing vulnerabilities in varied Azure companies and the .NET Framework. There are additionally fixes for denial-of-service and knowledge disclosure flaws in Microsoft Message Queuing. Additionally, there are patches for distant code execution flaws in Exchange Server, a few of which require an adjoining assault vector and legitimate Exchange credentials. The replace additionally consists of patches for a proof-of-concept exploit for a denial-of-service vulnerability in .NET and Visual Studio, in addition to privilege escalation flaws within the Windows Kernel. Other software program distributors have additionally launched safety updates to deal with vulnerabilities of their merchandise.
Source hyperlink
