5 New Zero-day Vulnerabilities Patched in the Microsoft Security Update

Published On: November 16, 2023

Microsoft has released its security patches for November 2023 as part of Patch Tuesday. The update fixes nearly 58 flaws, including 5 zero-day vulnerabilities.

The vulnerabilities were associated with Privilege Escalation (16), Remote code execution (15), Spoofing (11), Security Feature Bypass (6), Information Disclosure (6), and Denial of Service (5).

Microsoft also republished 15 non-Microsoft CVEs, which exist in Microsoft Bluetooth Driver and Microsoft Edge (Chromium-based), as mentioned in its release notes for November 2023.

Zero-Day Vulnerabilities

Microsoft marked three zero-day vulnerabilities as “Exploitation Detected” because threat actors exploited them in the wild.

CVE-2023-36036: Elevation of Privilege in Windows Cloud Files Mini Filter Driver

A threat actor could exploit this vulnerability and gain SYSTEM privilege to perform several malicious activities on the compromised system.

This vulnerability affected Microsoft Windows Server 2019, 32-bit Systems, x64-based Systems, ARM64-based Systems, Windows Server 2022, Windows 11 version 21H2, and many other Microsoft Products.

The severity for this vulnerability has been given as 7.8 (High). However, there was no additional information about this vulnerability, such as how it was exploited or by which threat actor.

CVE-2023-36025: Security Feature Bypass in Multiple Windows Products

This vulnerability can be exploited by an unauthorized threat actor who needs no prior access or special settings to attack. Successful exploitation does, however, require user interaction.

This vulnerability existed in multiple Microsoft products and was rated 8.8 (High). Microsoft provided no additional information about this zero-day vulnerability.

CVE-2023-36033: Elevation of Privilege in Windows DWM Core Library

This was another zero-day vulnerability mentioned by Microsoft that a threat actor could exploit. No user interaction is required to exploit it, but the attacker needs basic user privileges.

This vulnerability was given a severity of 7.8 (High) and exists in many Microsoft products. Microsoft provided no additional information about this vulnerability.

| Tag | CVE | Base Score | Exploitability | FAQs? | Workarounds? | Mitigations? |
|---|---|---|---|---|---|---|
| Windows Protected EAP (PEAP) | CVE-2023-36028 | 9.8 | Exploitation Less Likely | Yes | No | Yes |
| Windows Internet Connection Sharing (ICS) | CVE-2023-36397 | 9.8 | Exploitation Less Likely | Yes | No | Yes |
| Windows Scripting | CVE-2023-36017 | 8.8 | Exploitation More Likely | Yes | No | No |
| Windows SmartScreen | CVE-2023-36025 | 8.8 | Exploitation Detected | Yes | No | No |
| Windows HMAC Key Derivation | CVE-2023-36400 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-36402 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Azure DevOps | CVE-2023-36437 | 8.8 | Exploitation Less Likely | Yes | No | No |
| ASP.NET | CVE-2023-36560 | 8.8 | Exploitation Less Likely | Yes | No | No |
| Azure | CVE-2023-38151 | 8.8 | Exploitation Less Likely | Yes | No | Yes |
| Azure | CVE-2023-36052 | 8.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Windows Speech | CVE-2023-36719 | 8.4 | Exploitation Less Likely | Yes | No | No |
| ASP.NET | CVE-2023-36038 | 8.2 | Exploitation Less Likely | Yes | No | No |
| Azure | CVE-2023-36021 | 8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36035 | 8 | Exploitation More Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36039 | 8 | Exploitation More Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36050 | 8 | Exploitation More Likely | Yes | No | No |
| Windows Distributed File System (DFS) | CVE-2023-36425 | 8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Exchange Server | CVE-2023-36439 | 8 | Exploitation More Likely | Yes | No | No |
| Visual Studio Code | CVE-2023-36018 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows DWM Core Library | CVE-2023-36033 | 7.8 | Exploitation Detected | Yes | No | No |
| Windows Cloud Files Mini Filter Driver | CVE-2023-36036 | 7.8 | Exploitation Detected | Yes | No | No |
| Microsoft Office Excel | CVE-2023-36037 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office Excel | CVE-2023-36041 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office | CVE-2023-36045 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36047 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Tablet Windows User Interface | CVE-2023-36393 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Compressed Folder | CVE-2023-36396 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36407 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36408 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Defender | CVE-2023-36422 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Windows Common Log File System Driver | CVE-2023-36424 | 7.8 | Exploitation More Likely | Yes | No | No |
| Windows Installer | CVE-2023-36705 | 7.8 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36007 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36031 | 7.6 | Exploitation Less Likely | Yes | No | No |
| .NET Framework | CVE-2023-36049 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36410 | 7.6 | Exploitation Less Likely | Yes | No | No |
| Windows DHCP Server | CVE-2023-36392 | 7.5 | Exploitation Less Likely | No | No | No |
| Windows Deployment Services | CVE-2023-36395 | 7.5 | Exploitation Less Likely | No | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36014 | 7.3 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36034 | 7.3 | Exploitation Less Likely | Yes | No | No |
| Microsoft Remote Registry Service | CVE-2023-36401 | 7.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Remote Registry Service | CVE-2023-36423 | 7.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36024 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36027 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36046 | 7.1 | Exploitation Less Likely | Yes | No | No |
| Windows Storage | CVE-2023-36399 | 7.1 | Exploitation More Likely | Yes | No | No |
| Microsoft Windows Search Component | CVE-2023-36394 | 7 | Exploitation More Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36403 | 7 | Exploitation Less Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36405 | 7 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36427 | 7 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36022 | 6.6 | Exploitation Less Likely | Yes | No | No |
| Open Management Infrastructure | CVE-2023-36043 | 6.5 | Exploitation Less Likely | Yes | No | No |
| Windows NTFS | CVE-2023-36398 | 6.5 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office | CVE-2023-36413 | 6.5 | Exploitation More Likely | Yes | No | No |
| Microsoft Dynamics | CVE-2023-36016 | 6.2 | Exploitation Less Likely | Yes | No | No |
| Visual Studio | CVE-2023-36042 | 6.2 | Exploitation Less Likely | No | No | No |
| ASP.NET | CVE-2023-36558 | 6.2 | Exploitation Less Likely | Yes | No | No |
| Microsoft Dynamics 365 Sales | CVE-2023-36030 | 6.1 | Exploitation Less Likely | Yes | No | No |
| Microsoft Office SharePoint | CVE-2023-38177 | 6.1 | Exploitation More Likely | Yes | No | No |
| Windows Kernel | CVE-2023-36404 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Windows Hyper-V | CVE-2023-36406 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Windows Authentication Methods | CVE-2023-36428 | 5.5 | Exploitation Less Likely | Yes | No | No |
| Microsoft Edge (Chromium-based) | CVE-2023-36029 | 4.3 | Exploitation Less Likely | Yes | No | No |
