Microsoft’s December 2023 Patch Tuesday: Wrapping Up the Year
Microsoft bids farewell to 2023 with its final Patch Tuesday updates, addressing 33 flaws in its software. This release is one of the lighter ones in recent years, with four Critical and 29 Important severity-rated fixes.
Notably, these updates come on the heels of the company addressing 18 flaws in its Chromium-based Edge browser since the November 2023 Patch Tuesday release.
Despite the modest count this month, the software giant has been highly active in 2023, addressing over 900 flaws across the year. To put this into perspective, Redmond resolved 917 CVEs in 2022.
While none of the addressed vulnerabilities are currently listed as publicly known or under active attack, several notable ones stand out:
Key Vulnerabilities
- CVE-2023-35628 (CVSS 8.1) – Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2023-35630 (CVSS 8.8) – Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- CVE-2023-35636 (CVSS 6.5) – Microsoft Outlook Information Disclosure Vulnerability
- CVE-2023-35639 (CVSS 8.8) – Microsoft ODBC Driver Remote Code Execution Vulnerability
- CVE-2023-35641 (CVSS 8.8) – Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- CVE-2023-35642 (CVSS 6.5) – Internet Connection Sharing (ICS) Denial-of-Service Vulnerability
- CVE-2023-36019 (CVSS 9.6) – Microsoft Power Platform Connector Spoofing Vulnerability
CVE-2023-36019 is particularly noteworthy because an attacker can send a specially crafted URL that causes malicious scripts to execute in the victim’s browser.
DHCP Server Service Vulnerabilities
Microsoft’s Patch Tuesday also addresses three flaws in the Dynamic Host Configuration Protocol (DHCP) server service that could lead to denial-of-service or information disclosure.
- CVE-2023-35638 (CVSS 7.5) – DHCP Server Service Denial-of-Service Vulnerability
- CVE-2023-35643 (CVSS 7.5) – DHCP Server Service Information Disclosure Vulnerability
- CVE-2023-36012 (CVSS 5.3) – DHCP Server Service Information Disclosure Vulnerability
Recent discoveries by Akamai highlight new attacks against Active Directory domains using Microsoft DHCP servers, allowing attackers to spoof sensitive DNS records, potentially leading to credential theft or full Active Directory domain compromise.
In response, Microsoft recommends disabling DHCP DNS Dynamic Updates if not required and avoiding the use of DNSUpdateProxy.
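A read-only audit of the two settings named in that recommendation, as an added example (not Microsoft's or Akamai's code). It assumes the RSAT DhcpServer and ActiveDirectory PowerShell modules and covers IPv4 scopes only; the function name Get-DhcpDnsUpdateAudit and the NeedsReview column are hypothetical.

```powershell
# Added example: read-only audit, changes no configuration.
# Assumes the DhcpServer and ActiveDirectory modules (RSAT) and rights to query the DHCP servers.
Import-Module DhcpServer, ActiveDirectory

function Get-DhcpDnsUpdateAudit {
    # Walk every DHCP server authorized in Active Directory.
    foreach ($server in Get-DhcpServerInDC) {
        $name = $server.DnsName
        try {
            # Check the server-wide default first, then each scope,
            # because a scope can override the server-level setting.
            $targets = @([pscustomobject]@{ Level = 'Server'; ScopeId = $null })
            $targets += Get-DhcpServerv4Scope -ComputerName $name -ErrorAction Stop |
                ForEach-Object { [pscustomobject]@{ Level = 'Scope'; ScopeId = $_.ScopeId } }

            foreach ($t in $targets) {
                $params = @{ ComputerName = $name; ErrorAction = 'Stop' }
                if ($t.ScopeId) { $params.ScopeId = $t.ScopeId }
                $dns = Get-DhcpServerv4DnsSetting @params

                [pscustomobject]@{
                    Server         = $name
                    Level          = $t.Level
                    ScopeId        = $t.ScopeId
                    DynamicUpdates = $dns.DynamicUpdates   # Always, OnClientRequest or Never
                    # Anything other than Never means DHCP DNS Dynamic Updates are on;
                    # confirm they are actually required there.
                    NeedsReview    = ($dns.DynamicUpdates -ne 'Never')
                }
            }
        } catch {
            # An unreachable or decommissioned server should not stop the audit.
            Write-Warning "Could not query ${name}: $($_.Exception.Message)"
        }
    }
}

Get-DhcpDnsUpdateAudit | Sort-Object Server, Level | Format-Table -AutoSize

# Accounts in the DnsUpdateProxy group; the guidance above is to avoid using it.
Get-ADGroupMember -Identity 'DnsUpdateProxy' |
    Select-Object Name, objectClass, distinguishedName
```

Rows with NeedsReview set to True are the places where dynamic updates are still enabled and should be checked against the "if not required" condition.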
As we conclude 2023, it’s not just Microsoft addressing security concerns. Numerous vendors, including Adobe, Amazon Web Services, Cisco, WordPress, and many others, have released security updates over the past few weeks to address vulnerabilities across a wide range of software and services. This collective effort underscores the ongoing commitment to bolstering cybersecurity across the digital landscape.