Microsoft's June 2023 Patch Tuesday – 38 Remote Code Execution Flaws Patched
Microsoft’s Patch Tuesday for June 2023 is right here, bringing security updates for 78 problems, together with 38 vulnerabilities that will also be exploited remotely.
Microsoft addressed 38 bugs that would possibly maybe well perchance allow faraway code execution (RCE), and out of these, they classified most effective six flaws as ‘Extreme.’
While all these six vital bugs embody:-
- Denial of carrier attacks
- RCE
- Privilege elevation
Faraway Code Execution Flaws Patched
Right here under, now we contain talked about the whole flaw classes:-
- Elevation of Privilege: 17 Vulnerabilities
- Security Characteristic Bypass: 3 Vulnerabilities
- Faraway Code Execution: 32 Vulnerabilities
- Files Disclosure: 5 Vulnerabilities
- Denial of Service: 10 Vulnerabilities
- Spoofing: 10 Vulnerabilities
- Edge – Chromium: 3 Vulnerabilities
No updates tackle any actively exploited bugs or zero-day vulnerabilities on this affirm Patch Tuesday.
This absence gives some comfort to Windows directors, as they face increased stress all through this duration.
The June 2023 Patch Tuesday doesn’t feature any zero-day vulnerabilities, but a few flaws serene can’t be left out. And right here under, now we contain talked about the:-
- CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
- CVE-2023-32031: Microsoft Alternate Server Faraway Code Execution Vulnerability
- CVE-2023-33133: Microsoft Excel Faraway Code Execution Vulnerability
- CVE-2023-33137: Microsoft Excel Faraway Code Execution Vulnerability
- CVE-2023-33140: Microsoft OneNote Spoofing Vulnerability
- CVE-2023-33131: Microsoft Outlook Faraway Code Execution Vulnerability
Earlier than installing system updates, it’s highly steered that you just grab a moment to think relating to the importance of growing a backup to your system or the a must contain documents and files.
This precautionary measure is continually steered attributable to the prevention of the guidelines loss.
Source credit : cybersecuritynews.com