The Microsoft June 2023 Security Updates includes patches and advisories for 78 vulnerabilities, including 5 Critical severity issues. There were no zero-day vulnerabilities reported.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
Microsoft Products affected
This month’s Microsoft security updates cover multiple impacted products and families, including, but not limited to (listing those that contain vulnerabilities with CVSS score higher that 7):
- .NET and Visual Studio
- .NET Core
- .NET Framework
- ASP .NET
- Azure DevOps
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Microsoft Office (multiple products)
- Microsoft Printer Drivers
- Microsoft WDAC OLE DB provider for SQL
- Microsoft Windows Codecs Library
- NuGet Client
- Remote Desktop Client
- SQL Server
- Windows Authentication Methods
- Windows Bus Filter Driver
- Windows Cloud Files Mini Filter Driver
- Windows Collaborative Translation Framework
- Windows Filtering
- Windows GDI
- Windows Geolocation Service
- Windows Group Policy
- Windows Hello
- Windows iSCSI
- Windows NTFS
- Windows ODBC Driver
- Windows OLE
- Windows PGM
- Windows Resilient File System (ReFS)
- Windows Server Service
- Windows SMB
- Windows TPM Device Driver
- Windows Win32K.
Microsoft patched a total of five (5) Critical vulnerabilities – one (1) Denial of Service, one (1) Elevation of Privilege, and four (3) Remote Code Execution (RCE) vulnerabilities on June 13, 2023:
- CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability (CVSS 9.8).
- CVE-2023-29363: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVSS 9.8)
- CVE-2023-32013: Windows Hyper-V Denial of Service Vulnerability (CVSS 6.5)
- CVE-2023-32014: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVSS 9.8)
- CVE-2023-32015: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVSS 9.8).
Microsoft warned the most severe of the Critical CVEs (SharePoint CVE-2023-29357) is more likely to be exploited.
“An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user,” Microsoft noted in the SharePoint advisory.
Exploits more likely
Moreover, Microsoft lists the following products, with vulnerabilities that have a higher likelihood of exploit:
- Microsoft Exchange Server (CVE-2023-28310, CVE-2023-32031)
- Microsoft Office SharePoint (CVE-2023-29357)
- Windows Cloud Files Mini Filter Driver (CVE-2023-29361)
- Windows GDI (CVE-2023-29358)
- Windows TPM Device Driver (CVE-2023-29360)
- Windows Win32K (CVE-2023-29359, CVE-2023-29371).
Finally, Microsoft addressed multiple other vulnerabilities in multiple products on June 13, 2023, to include 70 Moderate, 2 Moderate and 2 Low severity issues.
The patched vulnerabilities include Denial of Service (9), Elevation of Privilege (17), Information Disclosure (6), Remote Code Execution (29), Security Feature Bypass (10), and Spoofing (2) issues.
Last month, Microsoft patched 49 Vulnerabilities (6 Critical, 2 zero-days) as part of May’s Patch Tuesday.