Breaking Down the Latest June 2023 Patch Tuesday Report

Published in

TheSecMaster

4 min readJul 5, 2023

Here is another Microsoft Patch Tuesday Report. Microsoft releases its monthly report to address various vulnerabilities and helps its customers stay aware of all the threats and possible security vulnerabilities. This June 2023 Patch Tuesday report also fixes some vulnerabilities in various Microsoft products.

This blog gives you an overview of the latest June 2023 Patch Tuesday report and highlights the vulnerabilities found, their categories, and their severity levels.

· Microsoft Patch Tuesday, June 2023 Report Summary
∘ Vulnerabilities by Category
· Notable Vulnerabilities in June 2023 Patch Tuesday
∘ CVE-2023–29357 Elevation of Privilege Vulnerability
∘ CVE-2023–32031 Remote Code Execution Vulnerability
· List of Critical Vulnerabilities Patched in June 2023 Patch Tuesday
· Complete List of Vulnerabilities Patched in June 2023 Patch Tuesday Are:

Microsoft Patch Tuesday, June 2023 Report Summary

June 2023 Patch Tuesday report is out, and below is a quick overview of the report:

The report presents 94 vulnerabilities in total, out of which 6 are classified as critical, 60 as important, 2 as Low, and 16 as unknown.
There are no zero-day vulnerabilities found in June 2023 Patch Tuesday.
The affected products covered in the June 2023 Patch Tuesday report include .NET and Visual Studio, .NET Core, .NET Framework, ASP .NET, Azure DevOps, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office SharePoint, Microsoft Power Apps, Microsoft Printer Drivers, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Codecs Library, NuGet Client, Remote Desktop Client, DNS Server, SysInternals, Visual Studio, Visual Studio Code, Windows Authentication Methods, Windows Bus Filter Driver, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Container Manager Service, Windows CryptoAPI, Windows DHCP Server, Windows Filtering, Windows GDI, Windows Geolocation Service, Windows Group Policy, Windows Hello, Windows Hyper-V, Windows Installer, Windows iSCSI, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows PGM, Windows Remote Procedure Call Runtime, Windows Resilient File System (ReFS), Windows Server Service, Windows SMB, Windows TPM Device Driver, and Windows Win32K.

Vulnerabilities by Category

The complete list of 94 vulnerabilities is classified into seven categories. Remote Code Execution Vulnerability has been identified as the most common vulnerability, occurring 32 times, while Edge-Chromium Vulnerability is the least frequent, occurring only 1 time. 16 vulnerabilities are unknown but are also mentioned in the report with the name, title, and product affected. Please refer to the table below for complete details on all categories of vulnerabilities:

Notable Vulnerabilities in June 2023 Patch Tuesday

There are no zero-day vulnerabilities in June 2023 Patch Tuesday, however below are some notable vulnerabilities that are found and have been fixed by Microsoft:

CVE-2023–29357 Elevation of Privilege Vulnerability

CVE-2023–29357 is a privilege elevation vulnerability and was first discovered by Jang (Nguyễn Tiến Giang) of StarLabs SG. This flaw could enable attackers to assume the privileges of other users, including administrators. By utilizing spoofed JWT authentication tokens, an attacker can bypass authentication and gain access to the privileges of an authenticated user.

CVE-2023–32031 Remote Code Execution Vulnerability

This vulnerability was first discovered by Piotr Bazydlo of Trend Micro Zero Day Initiative. It is a remote code execution vulnerability found in Microsoft Exchange Server. Attackers could target server accounts and attempt to trigger malicious code in the context of the server’s account through a network call.

List of Critical Vulnerabilities Patched in June 2023 Patch Tuesday

The list of all 6 critical vulnerabilities patched in June 2023 Patch Tuesday is as follows:

Complete List of Vulnerabilities Patched in June 2023 Patch Tuesday Are:

If you wish to download the complete list of vulnerabilities patched in June 2023 Patch Tuesday, you can do it from here.

Thank you for reading this blog post that highlights the significant updates released by Microsoft in the June 2023 Patch Tuesday. These updates are crucial for addressing security vulnerabilities and improving the overall security of Microsoft products like Windows, Office, and Exchange Server.

It is highly recommended to prioritize the installation of these patches promptly to minimize the potential risks associated with these vulnerabilities. By keeping your systems up-to-date with the latest security patches and adopting proactive security practices, you can effectively safeguard your systems against potential cyber threats. This will help ensure the integrity and safety of your systems and data.

We hope this post lets you understand which vulnerabilities Microsoft released patches in June 2023 Patch Tuesday Report. Please share this post if you find this interested. Visit our website thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive updates like this.

This post is originally published at thesecmaster.com

We thank everybody who has been supporting our work and request you check out thesecmaster.com for more such articles.