Today’s Microsoft Security Update includes Microsoft Patch Tuesday checks in the NIRV 4.28.0 and Frontline Agent 1.64.0 releases.

• Microsoft addressed 59 vulnerabilities in this release, including five rated as Critical.
• This release also includes three republished non-Microsoft CVEs to address issues in Microsoft Edge (Chromium-based), Visual Studio Code, and 3D Viewer.
• Two of the CVEs fixed in this month’s release are also being exploited in the wild.
  • CVE-2023-36802
    • A privilege escalation vulnerability in the Microsoft Streaming Service Proxy could allow an attacker to gain SYSTEM privileges on the affected system.
  • CVE-2023-36761
    • This information disclosure vulnerability in Microsoft Word could result in the disclosure of NTLM hashes.

CVE/Advisory	Title	Tag	Microsoft Severity Rating	Base Score	Microsoft Impact	Exploited	Publicly Disclosed
CVE-2023-35355	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Windows Cloud Files Mini Filter Driver	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38162	DHCP Server Service Denial of Service Vulnerability	Windows DHCP Server	Important	7.5	Denial of Service	No	No
CVE-2023-38161	Windows GDI Elevation of Privilege Vulnerability	Windows GDI	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38156	Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability	Azure HDInsights	Important	7.2	Elevation of Privilege	No	No
CVE-2023-38152	DHCP Server Service Information Disclosure Vulnerability	Windows DHCP Server	Important	5.3	Information Disclosure	No	No
CVE-2023-38150	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38149	Windows TCP/IP Denial of Service Vulnerability	Windows TCP/IP	Important	7.5	Denial of Service	No	No
CVE-2023-38148	Internet Connection Sharing (ICS) Remote Code Execution Vulnerability	Windows Internet Connection Sharing (ICS)	Critical	8.8	Remote Code Execution	No	No
CVE-2023-38147	Windows Miracast Wireless Display Remote Code Execution Vulnerability	Microsoft Windows Codecs Library	Important	8.8	Remote Code Execution	No	No
CVE-2023-38146	Windows Themes Remote Code Execution Vulnerability	Windows Themes	Important	8.8	Remote Code Execution	No	No
CVE-2023-38144	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Windows Common Log File System Driver	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38143	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Windows Common Log File System Driver	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38142	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38141	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2023-38140	Windows Kernel Information Disclosure Vulnerability	Windows Kernel	Important	5.5	Information Disclosure	No	No
CVE-2023-38139	Windows Kernel Elevation of Privilege Vulnerability	Windows Kernel	Important	7.8	Elevation of Privilege	No	No
CVE-2023-36805	Windows MSHTML Platform Security Feature Bypass Vulnerability	Windows Scripting	Important	7	Security Feature Bypass	No	No
CVE-2023-36804	Windows GDI Elevation of Privilege Vulnerability	Windows GDI	Important	7.8	Elevation of Privilege	No	No
CVE-2023-36803	Windows Kernel Information Disclosure Vulnerability	Windows Kernel	Important	5.5	Information Disclosure	No	No
CVE-2023-36802	Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability	Microsoft Streaming Service	Important	7.8	Elevation of Privilege	Yes	No
CVE-2023-36801	DHCP Server Service Information Disclosure Vulnerability	Windows DHCP Server	Important	5.3	Information Disclosure	No	No
CVE-2023-36767	Microsoft Office Security Feature Bypass Vulnerability	Microsoft Office	Important	4.3	Security Feature Bypass	No	No
CVE-2023-36766	Microsoft Excel Information Disclosure Vulnerability	Microsoft Office Excel	Important	7.8	Information Disclosure	No	No
CVE-2023-36765	Microsoft Office Elevation of Privilege Vulnerability	Microsoft Office	Important	7.8	Elevation of Privilege	No	No
CVE-2023-36759	Visual Studio Elevation of Privilege Vulnerability	Visual Studio	Important	6.7	Elevation of Privilege	No	No
CVE-2023-36758	Visual Studio Elevation of Privilege Vulnerability	Visual Studio	Important	7.8	Elevation of Privilege	No	No
CVE-2023-36757	Microsoft Exchange Server Spoofing Vulnerability	Microsoft Exchange Server	Important	8	Spoofing	No	No
CVE-2023-36756	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft Exchange Server	Important	8	Remote Code Execution	No	No
CVE-2023-36745	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft Exchange Server	Important	8	Remote Code Execution	No	No
CVE-2023-36744	Microsoft Exchange Server Remote Code Execution Vulnerability	Microsoft Exchange Server	Important	8	Remote Code Execution	No	No
CVE-2023-36742	Visual Studio Code Remote Code Execution Vulnerability	Visual Studio Code	Important	7.8	Remote Code Execution	No	No
CVE-2023-36736	Microsoft Identity Linux Broker Remote Code Execution Vulnerability	Microsoft Identity Linux Broker	Important	4.4	Remote Code Execution	No	No
CVE-2023-41764	Microsoft Office Spoofing Vulnerability	Microsoft Office	Moderate	5.5	Spoofing	No	No
CVE-2022-41303	AutoDesk: CVE-2022-41303 use-after-free vulnerability in Autodesk® FBX® SDK 2020 or prior	3D Viewer	Important	N/A	Remote Code Execution	No	No
CVE-2023-29332	Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability	Microsoft Azure Kubernetes Service	Critical	7.5	Elevation of Privilege	No	No
CVE-2023-33136	Azure DevOps Server Remote Code Execution Vulnerability	Azure DevOps	Important	8.8	Remote Code Execution	No	No
CVE-2023-36886	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Microsoft Dynamics	Important	7.6	Spoofing	No	No
CVE-2023-38164	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Microsoft Dynamics	Important	7.6	Spoofing	No	No
CVE-2023-38163	Windows Defender Attack Surface Reduction Security Feature Bypass	Windows Defender	Important	7.8	Security Feature Bypass	No	No
CVE-2023-38160	Windows TCP/IP Information Disclosure Vulnerability	Windows TCP/IP	Important	5.5	Information Disclosure	No	No
CVE-2023-38155	Azure DevOps Server Remote Code Execution Vulnerability	Azure DevOps	Important	7	Elevation of Privilege	No	No
CVE-2023-36800	Dynamics Finance and Operations Cross-site Scripting Vulnerability	Microsoft Dynamics Finance & Operations	Important	7.6	Spoofing	No	No
CVE-2023-36799	.NET Core and Visual Studio Denial of Service Vulnerability	.NET Core & Visual Studio	Important	6.5	Denial of Service	No	No
CVE-2023-36796	Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Important/Critical	7.8	Remote Code Execution	No	No
CVE-2023-36794	Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Important	7.8	Remote Code Execution	No	No
CVE-2023-36793	Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Important/Critical	7.8	Remote Code Execution	No	No
CVE-2023-36792	Visual Studio Remote Code Execution Vulnerability	.NET and Visual Studio	Important/Critical	7.8	Remote Code Execution	No	No
CVE-2023-36788	.NET Framework Remote Code Execution Vulnerability	.NET Framework	Important	7.8	Remote Code Execution	No	No
CVE-2023-36777	Microsoft Exchange Server Information Disclosure Vulnerability	Microsoft Exchange Server	Important	5.7	Information Disclosure	No	No
CVE-2023-36773	3D Builder Remote Code Execution Vulnerability	3D Builder	Important	7.8	Remote Code Execution	No	No
CVE-2023-36772	3D Builder Remote Code Execution Vulnerability	3D Builder	Important	7.8	Remote Code Execution	No	No
CVE-2023-36771	3D Builder Remote Code Execution Vulnerability	3D Builder	Important	7.8	Remote Code Execution	No	No
CVE-2023-36770	3D Builder Remote Code Execution Vulnerability	3D Builder	Important	7.8	Remote Code Execution	No	No
CVE-2023-36764	Microsoft SharePoint Server Elevation of Privilege Vulnerability	Microsoft Office SharePoint	Important	8.8	Elevation of Privilege	No	No
CVE-2023-36763	Microsoft Outlook Information Disclosure Vulnerability	Microsoft Office Outlook	Important	7.5	Information Disclosure	No	No
CVE-2023-36762	Microsoft Word Remote Code Execution Vulnerability	Microsoft Office Word	Important	7.3	Remote Code Execution	No	No
CVE-2023-36761	Microsoft Word Information Disclosure Vulnerability	Microsoft Office Word	Important	6.2	Information Disclosure	Yes	Yes
CVE-2023-36760	3D Viewer Remote Code Execution Vulnerability	3D Viewer	Important	7.8	Remote Code Execution	No	No
CVE-2023-39956	Electron: CVE-2023-39956 -Visual Studio Code Remote Code Execution Vulnerability	Visual Studio Code	Important	N/A	Remote Code Execution	No	No
CVE-2023-36740	3D Viewer Remote Code Execution Vulnerability	3D Viewer	Important	7.8	Remote Code Execution	No	No
CVE-2023-36739	3D Viewer Remote Code Execution Vulnerability	3D Viewer	Important	7.8	Remote Code Execution	No	No
CVE-2023-4863	Chromium: CVE-2023-4863 Heap buffer overflow in WebP	Microsoft Edge (Chromium-based)		N/A

When school is out for summer, it seems like everyone is on vacation – everyone except your (un)friendly neighborhood cybercriminals.

Something about the summer months puts us off our guard and threat actors on high alert. The only way to stay safe is to know what’s causing the trouble in the first place. We’ve packed our sunscreen – now read on to find out how to make sure your security also doesn’t get burned.

Summer Cybersecurity Weaknesses to Look Out For

1. Holidays mean lower staff counts | Summer is the time for family vacations, trips abroad, and lower rates of qualified cybersecurity personnel on duty. Additionally, temporary staff may also not have had the same security awareness training and therefore be more susceptible to phishing emails, insecure file transfers, and other unsafe practices. Threat actors can take advantage of this natural deficiency, leading to potentially increased risks of phishing and lower response times on urgent alerts. Together, this make for a bad combination.
2. Servers can’t beat the heat | Everyone knows that a hot server is a slow server. An overheated server can severely malfunction or even crash, leaving companies not only potentially incapacitated, but also vulnerable. As heat waves are increasingly taking down data centers, the potential cybersecurity risks such incidents pose is becoming clear. Hastily bringing a server back online could actually compound the problem, accidentally opening more avenues of attack by failing to take the proper precautions and set it up right. And, if companies reduce operations to prevent servers from getting too hot, such measures may have unintended consequences of increasing risk to the enterprise.   
3. Vacation means poolside public WiFi | Just because remote work allows you to work from anywhere doesn’t mean it’s safe to connect everywhere. Public WiFi is not the place to log in and check a quick work email – even for a minute. It only takes a moment for the right threat actor to infect your device with malware, snoop for confidential data, or hijack your session. It’s annoying when it happens to your Gmail account. It’s detrimental when it happens to your Microsoft Outlook work account. An attacker may scan sensitive information, download your contacts, and pivot to others within your organization. On top of that, vacation is a time when those who do find time to work are often distracted and may be more careless about what they’re opening. And the threats are out there: Business Email Compromise (BEC) resulted in $2.7 billion dollars in losses in 2022.

Protecting Your Organization All Year Long

No one wants to come back from a week off to find an IT disaster waiting for them. Here are some tips to stay safe:

1. Vulnerability Scanning | Never fly blind when it comes to your network, especially when you’re out of the office. These scans can be scheduled and automated, making it easy to keep an eye on things, even with staff outages. These scans provide the foundation for any subsequent security efforts – you can’t fix what you can’t see.
2. Pen Testing | Pen testing is great for making sure your systems are as good-to-go as you think they are. They can not only exploit and prioritize vulnerabilities but can also make you aware of misconfigurations – like if that server got back online too quickly and left the enterprise exposed. You don’t want to go on vacations with systems unpatched, and pen testing on a regular basis can help your team take on a proactive – not reactive – approach to security.
3. Red Team Exercises | Make sure your security team is prepared by putting them to the test. Red teaming doesn’t just assess defenses, it also helps train the blue team. Facing down real-world threat tactics goes beyond even the preparation of knowing what to patch. It tests their security nervous system, anticipates how well they will do under pressure, and seasons them so if the worst happens while the team is short-staffed everyone will still know what to do.
4. Use a VPN | You never know where your adventures might lead, or how tempted you might be to fall for public WiFi when your data runs out in a strange city. For instance, the FBI has explicitly warned against cell-charging kiosks, stating that “Cybersecurity experts warn that bad actors can load malware onto public USB charging stations to maliciously access electronic devices while they are being charged.” It’s safer to make a habit of using a VPN – either for personal or work use – every time you log in. Cybercriminals are working when you’re not, and every in is a potential liability.
5. Make social engineering tests a must | All a threat actor needs is one weak link. You can prepare team members with a phishing campaign that tests how they react to malicious emails they might encounter. This can help identify who is susceptible and in need of additional training on how to stay safe and spot suspicious activity. You never know who might be up late, checking emails in a hotel room while on vacation – off their guard and susceptible to click bait, ransomware-infested text links and other phishing emails.

The Best Defense is a Good Offense

Cybercriminals don’t sleep, and neither do we. The best defense is a good offense and Fortra’s Core Security has solutions to prepare your organization to stay sharp during the summer months and beyond.

Core Impact, Core Security’s flagship penetration testing tool, can integrate with top vulnerability scanners like beSECURE to maximize the impact of both. Adversary simulations and red team operations can be run with the help of Cobalt Strike and Outflank Security Tooling (OST), two powerful red teaming solutions ideal for deploying sophisticated adversary simulations. Best of all, these solutions can be bundled together so you can cost effectively accelerate your offensive security strategy.

If we’re not careful, we can get burned by more than just the sun this summer. Secure your enterprise with Core Security’s lineup of offensive security solutions and enjoy your time off.