Undetectable Humanizer: Lifetime Subscription
Transform AI-Generated Text into Human-Like, High-Ranking Content & Bypass Even the Most Sophisticated AI Detectors
Get 95% Deal

Microsoft's Patch Tuesday August update fixes 74 flaws

Onur Demirkol
Aug 10, 2023
Windows
|
3

Microsoft has patched 74 flaws in its software as part of the company's Patch Tuesday upgrades for August 2023. Last month's update included 132 vulnerabilities, which seems like progress.

On August Patch Tuesday, Microsoft published 74 new CVEs, six of which were classified critical, and one zero-day vulnerability affecting.NET and Visual Studio. CVE-2023-20593 is a vulnerability that exists outside of the Microsoft product line and is related to the Zenbleed hole in specific AMD processors, requiring administrators to apply a microcode patch or BIOS update on vulnerable computers.

Microsoft Windows

30 Edge flaws have been fixed

In addition, Microsoft fixed 30 bugs in its Chromium-based Edge browser since last month's Patch Tuesday edition, as well as one side-channel weakness affecting certain AMD processor types (CVE-2023-20569 or Inception). According to Microsoft, downloading the new version "stops the attack chain," which led to the remote code execution flaw.

ADV230003 refers to a previously reported security flaw known as CVE-2023-36884, a remote code execution vulnerability in Office and Windows HTML that has been actively exploited by the Russia-linked RomCom threat actor in attacks against Ukraine as well as pro-Ukraine targets in Eastern Europe and North America.


Windows 11 KB5029263: What's new


CVE-2023-38180, a.NET and Visual Studio denial-of-service vulnerability with a CVSS score of 7.5, is the August Patch Tuesday zero-day. Microsoft's CVE notes suggested the existence of proof-of-concept code. Because an attacker does not require privileges to activate the vulnerability, a threat actor with a presence in the organization's infrastructure can start an assault more easily.

Administrators must patch Microsoft Visual Studio 2022, .NET 7.0, .NET 6.0, and ASP.NET Core 2.1, which might take considerable time if a thorough patch management system is not in place.

Patches are also included for five privilege escalation flaws in the Windows Kernel (CVE-2023-35359, CVE-2023-35380, CVE-2023-35382, CVE-2023-35386, and CVE-2023-38154, CVSS scores: 7.8) that could be exploited by a threat actor with local access to the target machine to gain SYSTEM privileges.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. John G. said on August 10, 2023 at 3:48 pm
    Reply

    > “Microsoft has patched 74 flaws in its software as part of the company’s Patch Tuesday upgrades for August 2023. Last month’s update included 132 vulnerabilities, which seems like progress.”

    74+132 = 206 issues. An example of well designed things. That’s a development team. xD

    1. bruh said on August 11, 2023 at 12:26 pm
      Reply

      I am not defending modern windows – I hate it – but do you have any idea of the sheer scale of the software they are developing? Have you spent any time coding? Even a small bit of software will have many different components with different responsibities – something like file explorer on the other hand, is insane to think about.

      I am a hobby coder, and make GUI programs for myself to simplify life – there is so much involved. Whenever I re-write something in a “better way”, inevitably it’s because the old approach was flawed in some way, it had bad edge cases, or theoretical exploits – it’s very easy to rack up the number of “flaws” you can patch.

      To say that something is not designed well because it has flaws/vulnerabilities – most software has this, especially large softwares. The difference is that Microsoft also has one of the biggest development teams, so they are able to do more.

      1. 45 RPM said on August 13, 2023 at 8:31 am
        Reply

        I develop corporate software for a living. Trust me, if my stuff sucked as hard and often as any Microsoft product, I’d be working as a cashier at Walmart.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.