Aggiornamenti Mensili Microsoft – Ottobre 2023

Sintesi

Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 97 nuove vulnerabilità, di cui 1 di tipo 0-day.

Note (aggionamento del 05/10/2023): le CVE-2023-28252 e CVE-2023-28229 risultano essere sfruttate attivamente in rete.

Note (aggiornamento del 22/05/2023): un Proof of Concept (PoC) per lo sfruttamento delle CVE-2023-28231 e CVE-2023-21554 risulta disponibile in rete

Rischio

Stima d’impatto della vulnerabilità sulla comunità di riferimento: GRAVE/ROSSO (75,12/100)¹.

Tipologia

Elevation of Privilege
Tampering
Security Feature Bypass
Spoofing
Denial of Service
Information Disclosure
Remote Code Execution

Prodotti e versioni affette

.NET Core
Azure Machine Learning
Azure Service Connector
Microsoft Bluetooth Driver
Microsoft Defender for Endpoint
Microsoft Dynamics
Microsoft Dynamics 365 Customer Voice
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Message Queuing
Microsoft Office
Microsoft Office Publisher
Microsoft Office SharePoint
Microsoft Office Word
Microsoft PostScript Printer Driver
Microsoft Printer Drivers
Microsoft WDAC OLE DB provider for SQL
Microsoft Windows DNS
Visual Studio
Visual Studio Code
Windows Active Directory
Windows ALPC
Windows Ancillary Function Driver for WinSock
Windows Boot Manager
Windows Clip Service
Windows CNG Key Isolation Service
Windows Common Log File System Driver
Windows DHCP Server
Windows Enroll Engine
Windows Error Reporting
Windows Group Policy
Windows Internet Key Exchange (IKE) Protocol
Windows Kerberos
Windows Kernel
Windows Layer 2 Tunneling Protocol
Windows Lock Screen
Windows Netlogon
Windows Network Address Translation (NAT)
Windows Network File System
Windows Network Load Balancing
Windows NTLM
Windows PGM
Windows Point-to-Point Protocol over Ethernet (PPPoE)
Windows Point-to-Point Tunneling Protocol
Windows Raw Image Extension
Windows RDP Client
Windows Registry
Windows RPC API
Windows Secure Boot
Windows Secure Channel
Windows Secure Socket Tunneling Protocol (SSTP)
Windows Transport Security Layer (TLS)
Windows Win32K

Azioni di mitigazione

In linea con le dichiarazioni del vendor, si raccomanda di procedere all’aggiornamento dei prodotti impattati attraverso l’apposita funzione di Windows Update.

Identificatori univoci vulnerabilità

CVE-ID
CVE-2023-24914	CVE-2023-28274	CVE-2023-28307	CVE-2023-28226
CVE-2023-28252	CVE-2023-28278	CVE-2023-28271	CVE-2023-28306
CVE-2023-28314	CVE-2023-28299	CVE-2023-28217	CVE-2023-28219
CVE-2023-28287	CVE-2023-24924	CVE-2023-28305	CVE-2023-24931
CVE-2023-28296	CVE-2023-28270	CVE-2023-28237	CVE-2023-28223
CVE-2023-28227	CVE-2023-28220	CVE-2023-28267	CVE-2023-28247
CVE-2023-24860	CVE-2023-28222	CVE-2023-28235	CVE-2023-24929
CVE-2023-28309	CVE-2023-28308	CVE-2023-28246	CVE-2023-28269
CVE-2023-28231	CVE-2023-28228	CVE-2023-28241	CVE-2023-28268
CVE-2023-28256	CVE-2023-21729	CVE-2023-28249	CVE-2023-28293
CVE-2023-28311	CVE-2023-28260	CVE-2023-28276	CVE-2023-21769
CVE-2023-28285	CVE-2023-28300	CVE-2023-28266	CVE-2023-21554
CVE-2023-21727	CVE-2023-28234	CVE-2023-24886	CVE-2023-28238
CVE-2023-28302	CVE-2023-28288	CVE-2023-28262	CVE-2023-28232
CVE-2023-28295	CVE-2023-28229	CVE-2023-28225	CVE-2023-23375
CVE-2023-24926	CVE-2023-28244	CVE-2023-28297	CVE-2023-28218
CVE-2023-28304	CVE-2023-28248	CVE-2023-28263	CVE-2023-24887
CVE-2023-24925	CVE-2023-28277	CVE-2023-28236	CVE-2023-24885
CVE-2023-28216	CVE-2023-28291	CVE-2023-24928	CVE-2023-28253
CVE-2023-28224	CVE-2023-24884	CVE-2023-28298	CVE-2023-24893
CVE-2023-28272	CVE-2023-28255	CVE-2023-28233	CVE-2023-28273
CVE-2023-28240	CVE-2023-28313	CVE-2023-24912	CVE-2023-28312
CVE-2023-28221	CVE-2023-28254	CVE-2023-28243	CVE-2023-28292
CVE-2023-28275	CVE-2023-24883	CVE-2023-23384	CVE-2023-24927
CVE-2023-28250

Riferimenti

https://msrc.microsoft.com/update-guide/releaseNote/2023-Apr

https://msrc.microsoft.com/update-guide (NB: filtro: patch tuesday – April 2023)