Microsoft Patch Tuesday: November 2023 Edition

patch tuesday header 1

Microsoft released its monthly batch of security updates on November 14, 2023, addressing 75 vulnerabilities, including three zero-day vulnerabilities that are being actively exploited by attackers. The updates also include three Critical and 57 Important severity vulnerabilities.

Key Highlights:

  • Three zero-day vulnerabilities are being actively exploited by attackers.
  • 75 vulnerabilities are being addressed in this month’s Patch Tuesday.
  • Three Critical and 57 Important severity vulnerabilities are included in the updates.
  • 17 Microsoft Edge (Chromium-based) vulnerabilities are also being addressed.

patch tuesday header 1

Vulnerabilities Addressed

The November 2023 Patch Tuesday addresses a wide range of vulnerabilities, including:

  • Denial of Service (DoS) vulnerabilities
  • Elevation of Privilege (EoP) vulnerabilities
  • Information Disclosure vulnerabilities
  • Remote Code Execution (RCE) vulnerabilities
  • Security Feature Bypass vulnerabilities
  • Cross-site Scripting (XSS) vulnerabilities
  • Spoofing vulnerabilities

Zero-Day Vulnerabilities

The three zero-day vulnerabilities addressed in this month’s Patch Tuesday are:

  • CVE-2023-36025: A Windows SmartScreen Security feature bypass vulnerability.
  • CVE-2023-36033: A Windows Dynamic Window Manager (DWM) elevation of privilege vulnerability.
  • CVE-2023-36036: A Windows Cloud Files Mini Filter Driver elevation of privilege vulnerability.

Impact and Recommendations

Microsoft recommends that all users install the November 2023 Patch Tuesday updates as soon as possible to protect their systems from these vulnerabilities. Organizations should prioritize patching systems that are at higher risk of attack, such as those that are exposed to the internet or that are used to store sensitive data.

In addition to the zero-day vulnerabilities, the November 2023 Patch Tuesday also addresses three Critical severity vulnerabilities and 57 Important severity vulnerabilities. These vulnerabilities span a range of categories, including Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, Cross-site Scripting (XSS), and Spoofing.

The Critical severity vulnerabilities, CVE-2023-36034, CVE-2023-36035, and CVE-2023-36037, require immediate attention as they pose a significant risk of exploitation. These vulnerabilities affect the Microsoft Protected Extensible Authentication Protocol (PEAP), the Windows PGM component, and the Windows Authentication Methods, respectively.

The Important severity vulnerabilities, while not as critical as the zero-day and Critical vulnerabilities, still represent potential security risks and should be addressed promptly. These vulnerabilities span a variety of Microsoft products and components, including Microsoft Office, Open Management Infrastructure, Tablet Windows User Interface, Visual Studio Code, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, and Microsoft Edge.

The November 2023 Patch Tuesday is an important release that addresses a number of critical vulnerabilities. Users and organizations should install the updates as soon as possible to protect their systems from attack.

About the author

Mary Woods

Mary is a passionate tech enthusiast with over 4 years of experience in writing about global technological advancements. Currently based in Miami, she has a deep interest in all things tech and is particularly drawn to the wonders of the modern internet. Writing about the latest technological trends online is not just her expertise but also her hobby. Mary’s dedication to exploring and sharing the latest in technology makes her a key contributor to PC-Tablet.com, where she brings her insights and enthusiasm to every article she writes.

Web Stories

5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget 5 Best Laptop of 2024 5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More! 6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager 5 Best Lightweight Laptops for High School and College Students 5 Best Bluetooth Speaker in 2024 6 Best Android Phones Under $100 in 2024 6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio Best Macbook Air Deals on 13 & 15-inch Models Start from $149