Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Microsoft’s July 2023 Patch Tuesday

July 12, 2023
Reading Time: 2 mins read
in Alerts
Microsoft’s July 2023 Patch Tuesday

 

Microsoft released security updates on July 11, 2023, to address 132 vulnerabilities, including six actively exploited zero-days. Of the 37 remote code execution (RCE) vulnerabilities that were fixed, nine were rated as critical. One of the RCE flaws remains unpatched and is actively exploited in attacks seen by numerous cybersecurity firms.

The six actively exploited zero-days that were fixed in July 2023 include:

  • CVE-2023-32046: Windows MSHTML Platform Elevation of Privilege Vulnerability
  • CVE-2023-32049: Windows SmartScreen Security Feature Bypass Vulnerability
  • CVE-2023-36874: Windows Error Reporting Service Elevation of Privilege Vulnerability
  • CVE-2023-36884: Office and Windows HTML Remote Code Execution Vulnerability
  • CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability

The CVE-2023-36884 vulnerability is particularly concerning because it is being exploited by the RomCom hacking group, which is known to deploy ransomware in attacks. Microsoft says that users of Microsoft Defender for Office and those using the “Block all Office applications from creating child processes” Attack Surface Reduction Rule are protected from attachments that attempt to exploit this vulnerability.

In addition to the six actively exploited zero-days, Microsoft also released security updates for a number of other vulnerabilities, including:

  • 33 elevation of privilege vulnerabilities
  • 13 security feature bypass vulnerabilities
  • 19 information disclosure vulnerabilities
  • 22 denial of service vulnerabilities
  • 7 spoofing vulnerabilities

Microsoft also released security updates for products from other vendors, including:

  • AMD Adrenalin 23.7.1 WHQL driver for Windows
  • Apple Rapid Security Response (RSR) updates
  • Cisco DUO, Webex, Secure Email Gateway, Cisco Nexus 9000 Series Fabric Switches, and more
  • Google Android July 2023 updates
  • Linux vulnerability known as ‘StackRot’ allows privilege escalation
  • Microsoft Windows Subsystem for Android updates
  • MOVEit security updates
  • SAP July 2023 Patch Day updates
  • VMware SD-WAN updates

Microsoft’s July 2023 Patch Tuesday was a busy one, with security updates released for a wide range of vulnerabilities. The six actively exploited zero-days are particularly concerning, and organizations should take steps to mitigate the risk of these vulnerabilities being exploited.

Reference:
  • July 2023 Security Updates

Tags: Cyber AlertCyber Alerts 2023CyberattackCybersecurityJuly 2023ROMCOM RATVulnerabilitiesWindows
ADVERTISEMENT

Related Posts

COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025
Critical Kibana Flaws Allows Code Execution

Mirai Botnet Exploits Vulnerabilities in IoT

May 7, 2025
Critical Kibana Flaws Allows Code Execution

Critical Kibana Flaws Allows Code Execution

May 7, 2025
Critical Kibana Flaws Allows Code Execution

New OttoKit Flaw Targets WordPress Sites

May 7, 2025

Latest Alerts

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

New OttoKit Flaw Targets WordPress Sites

Mirai Botnet Exploits Vulnerabilities in IoT

Critical Kibana Flaws Allows Code Execution

Subscribe to our newsletter

    Latest Incidents

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    UK Legal Aid Agency Faces Cyber Incident

    South African Airways Hit by Cyberattack

    Coweta County School System Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial