Microsoft Patch Tuesday August: Warns of 2 zero-days

Microsoft Patch Tuesday August: Warns of 2 zero-days

Microsoft introduces the August 2023 Patch Tuesday update, encompassing 87 security enhancements addressing 23 vulnerabilities. Among these are two vulnerabilities currently under active exploitation. The update also tackles twenty-three instances of remote code execution vulnerabilities.

Although twenty-three RCE bugs were fixed, Microsoft identified as “Critical» only six of them.

The number of errors in each category is listed below:

  • 18 Elevation of Privilege vulnerabilities
  • 3 Security Feature Bypass vulnerabilities
  • 23 Remote Code Execution vulnerabilities
  • 10 Information Disclosure vulnerabilities
  • 8 Denial of Service vulnerabilities
  • 12 Spoofing vulnerabilities

In this month’s Microsoft Patch Tuesday release, two vulnerabilities that are actively targeted in attacks, identified as zero-day exploits, have been addressed. Notably, one of these vulnerabilities has been publicly disclosed, intensifying the potential risk to users.

Microsoft labels a vulnerability as zero-day if it’s disclosed or exploited before an official patch. Other vendors that issued updates or advisories in August 2023 are:

  • Adobe released security updates for Adobe Acrobat, Reader, and other products.
  • AMD addressed multiple security vulnerabilities in new hardware.
  • Cisco issued security updates for Cisco Secure Web Appliance and Cisco AnyConnect.
  • A new Collide+Power side-channel attack impacts nearly all CPUs.
  • Google rolled out Android updates for August 2023, addressing actively exploited vulnerabilities.
  • A new Inception attack (CVE-2023-20569) is silently leaking from all AMD Zen processors.
  • Ivanti resolved an unauthenticated remote API access vulnerability in MobileIron Core.
  • Microsoft tackled a Power Platform custom links issue that persisted for a considerable duration.
  • MOVEit released security updates addressing a critical SQL error and two other vulnerabilities.
  • PaperCut addressed a critical vulnerability identified as CVE-2023-39143.
  • SAP released Patch Day updates for August 2023.
  • VMware addressed multiple flaws in VMware Horizon Server.
  • Zoom patched fifteen vulnerabilities.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!