Microsoft October 2023 Patch Tuesday fixes 3 zero-days, 104 flaws Cybernoz October 10, 2023 Posted in Bleeping Computer Tag CVE ID CVE Title Severity Active Directory Domain Services CVE-2023-36722 Active Directory Domain Services Information Disclosure Vulnerability Important Azure CVE-2023-36737 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability Important Azure CVE-2023-36419 Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability Important Azure DevOps CVE-2023-36561 Azure DevOps Server Elevation of Privilege Vulnerability Important Azure Real Time Operating System CVE-2023-36418 Azure RTOS GUIX Studio Remote Code Execution Vulnerability Important Azure SDK CVE-2023-36414 Azure Identity SDK Remote Code Execution Vulnerability Important Azure SDK CVE-2023-36415 Azure Identity SDK Remote Code Execution Vulnerability Important Client Server Run-time Subsystem (CSRSS) CVE-2023-41766 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Important HTTP/2 CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack Important Microsoft Common Data Model SDK CVE-2023-36566 Microsoft Common Data Model SDK Denial of Service Vulnerability Important Microsoft Dynamics CVE-2023-36429 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Important Microsoft Dynamics CVE-2023-36416 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-36433 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-5346 Chromium: CVE-2023-5346 Type Confusion in V8 Unknown Microsoft Exchange Server CVE-2023-36778 Microsoft Exchange Server Remote Code Execution Vulnerability Important Microsoft Graphics Component CVE-2023-36594 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Graphics Component CVE-2023-38159 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Office CVE-2023-36565 Microsoft Office Graphics Elevation of Privilege Vulnerability Important Microsoft Office CVE-2023-36569 Microsoft Office Elevation of Privilege Vulnerability Important Microsoft Office CVE-2023-36568 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability Important Microsoft QUIC CVE-2023-38171 Microsoft QUIC Denial of Service Vulnerability Important Microsoft QUIC CVE-2023-36435 Microsoft QUIC Denial of Service Vulnerability Important Microsoft WDAC OLE DB provider for SQL CVE-2023-36577 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important Microsoft Windows Media Foundation CVE-2023-36710 Windows Media Foundation Core Remote Code Execution Vulnerability Important Microsoft Windows Search Component CVE-2023-36564 Windows Search Security Feature Bypass Vulnerability Important Microsoft WordPad CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability Important Skype for Business CVE-2023-36786 Skype for Business Remote Code Execution Vulnerability Important Skype for Business CVE-2023-36780 Skype for Business Remote Code Execution Vulnerability Important Skype for Business CVE-2023-36789 Skype for Business Remote Code Execution Vulnerability Important Skype for Business CVE-2023-41763 Skype for Business Elevation of Privilege Vulnerability Important SQL Server CVE-2023-36728 Microsoft SQL Server Denial of Service Vulnerability Important SQL Server CVE-2023-36417 Microsoft SQL ODBC Driver Remote Code Execution Vulnerability Important SQL Server CVE-2023-36785 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Important SQL Server CVE-2023-36598 Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability Important SQL Server CVE-2023-36730 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Important SQL Server CVE-2023-36420 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Important Windows Active Template Library CVE-2023-36585 Active Template Library Denial of Service Vulnerability Important Windows AllJoyn API CVE-2023-36709 Microsoft AllJoyn API Denial of Service Vulnerability Important Windows Client/Server Runtime Subsystem CVE-2023-36902 Windows Runtime Remote Code Execution Vulnerability Important Windows Common Log File System Driver CVE-2023-36713 Windows Common Log File System Driver Information Disclosure Vulnerability Important Windows Container Manager Service CVE-2023-36723 Windows Container Manager Service Elevation of Privilege Vulnerability Important Windows Deployment Services CVE-2023-36707 Windows Deployment Services Denial of Service Vulnerability Important Windows Deployment Services CVE-2023-36567 Windows Deployment Services Information Disclosure Vulnerability Important Windows Deployment Services CVE-2023-36706 Windows Deployment Services Information Disclosure Vulnerability Important Windows DHCP Server CVE-2023-36703 DHCP Server Service Denial of Service Vulnerability Important Windows Error Reporting CVE-2023-36721 Windows Error Reporting Service Elevation of Privilege Vulnerability Important Windows HTML Platform CVE-2023-36436 Windows MSHTML Platform Remote Code Execution Vulnerability Important Windows HTML Platform CVE-2023-36557 PrintHTML API Remote Code Execution Vulnerability Important Windows IIS CVE-2023-36434 Windows IIS Server Elevation of Privilege Vulnerability Important Windows IKE Extension CVE-2023-36726 Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-36576 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2023-36712 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-36698 Windows Kernel Security Feature Bypass Vulnerability Important Windows Layer 2 Tunneling Protocol CVE-2023-41770 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41765 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41767 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-38166 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41774 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41773 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41771 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41769 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-41768 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Mark of the Web (MOTW) CVE-2023-36584 Windows Mark of the Web Security Feature Bypass Vulnerability Important Windows Message Queuing CVE-2023-36571 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36570 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36431 Microsoft Message Queuing Denial of Service Vulnerability Important Windows Message Queuing CVE-2023-35349 Microsoft Message Queuing Remote Code Execution Vulnerability Critical Windows Message Queuing CVE-2023-36591 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36590 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36589 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36583 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36592 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36697 Microsoft Message Queuing Remote Code Execution Vulnerability Critical Windows Message Queuing CVE-2023-36606 Microsoft Message Queuing Denial of Service Vulnerability Important Windows Message Queuing CVE-2023-36593 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36582 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36574 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36575 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36573 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36572 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Message Queuing CVE-2023-36581 Microsoft Message Queuing Denial of Service Vulnerability Important Windows Message Queuing CVE-2023-36579 Microsoft Message Queuing Denial of Service Vulnerability Important Windows Message Queuing CVE-2023-36578 Microsoft Message Queuing Remote Code Execution Vulnerability Important Windows Microsoft DirectMusic CVE-2023-36702 Microsoft DirectMusic Remote Code Execution Vulnerability Important Windows Mixed Reality Developer Tools CVE-2023-36720 Windows Mixed Reality Developer Tools Denial of Service Vulnerability Important Windows Named Pipe File System CVE-2023-36729 Named Pipe File System Elevation of Privilege Vulnerability Important Windows Named Pipe File System CVE-2023-36605 Windows Named Pipe Filesystem Elevation of Privilege Vulnerability Important Windows NT OS Kernel CVE-2023-36725 Windows Kernel Elevation of Privilege Vulnerability Important Windows Power Management Service CVE-2023-36724 Windows Power Management Service Information Disclosure Vulnerability Important Windows RDP CVE-2023-36790 Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability Important Windows RDP CVE-2023-29348 Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability Important Windows Remote Procedure Call CVE-2023-36596 Remote Procedure Call Information Disclosure Vulnerability Important Windows Resilient File System (ReFS) CVE-2023-36701 Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability Important Windows Runtime C++ Template Library CVE-2023-36711 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability Important Windows Setup Files Cleanup CVE-2023-36704 Windows Setup Files Cleanup Remote Code Execution Vulnerability Important Windows TCP/IP CVE-2023-36438 Windows TCP/IP Information Disclosure Vulnerability Important Windows TCP/IP CVE-2023-36603 Windows TCP/IP Denial of Service Vulnerability Important Windows TCP/IP CVE-2023-36602 Windows TCP/IP Denial of Service Vulnerability Important Windows TPM CVE-2023-36717 Windows Virtual Trusted Platform Module Denial of Service Vulnerability Important Windows Virtual Trusted Platform Module CVE-2023-36718 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability Critical Windows Win32K CVE-2023-36731 Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-36732 Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-36776 Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-36743 Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-41772 Win32k Elevation of Privilege Vulnerability Important Source link