Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Microsoft’s July 2023 Patch Tuesday

July 12, 2023
Reading Time: 2 mins read
in Alerts
Microsoft’s July 2023 Patch Tuesday

 

Microsoft released security updates on July 11, 2023, to address 132 vulnerabilities, including six actively exploited zero-days. Of the 37 remote code execution (RCE) vulnerabilities that were fixed, nine were rated as critical. One of the RCE flaws remains unpatched and is actively exploited in attacks seen by numerous cybersecurity firms.

The six actively exploited zero-days that were fixed in July 2023 include:

  • CVE-2023-32046: Windows MSHTML Platform Elevation of Privilege Vulnerability
  • CVE-2023-32049: Windows SmartScreen Security Feature Bypass Vulnerability
  • CVE-2023-36874: Windows Error Reporting Service Elevation of Privilege Vulnerability
  • CVE-2023-36884: Office and Windows HTML Remote Code Execution Vulnerability
  • CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability

The CVE-2023-36884 vulnerability is particularly concerning because it is being exploited by the RomCom hacking group, which is known to deploy ransomware in attacks. Microsoft says that users of Microsoft Defender for Office and those using the “Block all Office applications from creating child processes” Attack Surface Reduction Rule are protected from attachments that attempt to exploit this vulnerability.

In addition to the six actively exploited zero-days, Microsoft also released security updates for a number of other vulnerabilities, including:

  • 33 elevation of privilege vulnerabilities
  • 13 security feature bypass vulnerabilities
  • 19 information disclosure vulnerabilities
  • 22 denial of service vulnerabilities
  • 7 spoofing vulnerabilities

Microsoft also released security updates for products from other vendors, including:

  • AMD Adrenalin 23.7.1 WHQL driver for Windows
  • Apple Rapid Security Response (RSR) updates
  • Cisco DUO, Webex, Secure Email Gateway, Cisco Nexus 9000 Series Fabric Switches, and more
  • Google Android July 2023 updates
  • Linux vulnerability known as ‘StackRot’ allows privilege escalation
  • Microsoft Windows Subsystem for Android updates
  • MOVEit security updates
  • SAP July 2023 Patch Day updates
  • VMware SD-WAN updates

Microsoft’s July 2023 Patch Tuesday was a busy one, with security updates released for a wide range of vulnerabilities. The six actively exploited zero-days are particularly concerning, and organizations should take steps to mitigate the risk of these vulnerabilities being exploited.

Reference:
  • July 2023 Security Updates

Tags: Cyber AlertCyber Alerts 2023CyberattackCybersecurityJuly 2023ROMCOM RATVulnerabilitiesWindows
ADVERTISEMENT

Related Posts

Russian APT28 Deploys Outlook Backdoor

SAP S4hana Exploited Vulnerability

September 5, 2025
Russian APT28 Deploys Outlook Backdoor

Virustotal Finds Undetected SVG Files

September 5, 2025
Russian APT28 Deploys Outlook Backdoor

Russian APT28 Deploys Outlook Backdoor

September 5, 2025
Lazarus Hackers Exploit ZeroDay, Deploy Rats

Lazarus Hackers Exploit ZeroDay, Deploy Rats

September 4, 2025
Lazarus Hackers Exploit ZeroDay, Deploy Rats

CISA Flags TP Link Router Flaws

September 4, 2025
Lazarus Hackers Exploit ZeroDay, Deploy Rats

Google Patches 120 Flaws In Android

September 4, 2025

Latest Alerts

SAP S4hana Exploited Vulnerability

Virustotal Finds Undetected SVG Files

Russian APT28 Deploys Outlook Backdoor

CISA Flags TP Link Router Flaws

Lazarus Hackers Exploit ZeroDay, Deploy Rats

Google Patches 120 Flaws In Android

Subscribe to our newsletter

    Latest Incidents

    North Korean Hackers Fake Interviews

    Bridgestone Confirms Cyberattack

    Cybersecurity Firms Hit By Breach

    Salesloft Drift Attacks Hits Vendors

    Jaguar Land Rover Hit By Cyber Incident

    Hackers Use Grok Ai To Spread Malware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial