Adrian Borlea
Security Alert

Microsoft has released patches for 78 vulnerabilities in the June Patch Tuesday rollout. Of these, 6 are rated Critical and the rest are rated Important. This Patch Tuesday also fixes 38 remote code execution vulnerabilities.

Let’s take a closer look at the most interesting updates for this month. 


Critical Vulnerabilities Patched in June Patch Tuesday


  • Windows Hyper-V Denial of Service Vulnerability

CVE-2023-32013 is a critical vulnerability impacting Hyper-V, Microsoft’s virtualization platform, which enables administrators to run multiple operating systems simultaneously on the same physical server. According to Microsoft, “Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability”.

In other words, this vulnerability can be exploited by a remote authenticated attacker through a specially crafted request, resulting in a denial of service condition.


  • Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-29363, CVE-2023-32014 and CVE-2023-32015 are three distinct vulnerabilities with a CVSS score of 9.8. These vulnerabilities allow a remote, unauthenticated attacker to execute code on affected systems when the Windows Message Queuing service is running in a PGM server environment. Microsoft states in the description for each CVE: “The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine.”


  • .NET, .NET Framework and Visual Studio Remote Code Execution Vulnerability

CVE-2023-24897 is a vulnerability affecting Windows .NET, .NET Framework and Visual Studio, which are used to create a variety of business applications. To exploit it, an attacker must use social engineering to convince a user to download and open a specially crafted file. The malicious code will lead to a local attack on the system and allow the attacker to perform remote code execution.
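
For the PGM vulnerabilities above, Microsoft's description names two conditions to check: a running Message Queuing service and a listener on TCP port 1801. The following PowerShell sketch is an added example, not code from Microsoft or Runecast; the function name `Test-MsmqExposure` is hypothetical, and it assumes the service is registered under the name `MSMQ` (display name "Message Queuing").

```powershell
# Added example: local check for the two MSMQ conditions quoted from Microsoft's
# description of CVE-2023-29363, CVE-2023-32014 and CVE-2023-32015.
function Test-MsmqExposure {
    [CmdletBinding()]
    param(
        [int]$Port = 1801   # TCP port named in the advisory text
    )

    # Assumption: service name is MSMQ (display name "Message Queuing").
    # A missing service means the Windows feature was never added.
    $svc = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue

    # Sockets in the Listen state on the port; wrapped in @() so .Count is always valid.
    $listeners = @(Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue)

    # Resolve the owning process of each listener for triage.
    $owners = foreach ($l in $listeners) {
        $p = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        '{0}:{1} (pid {2}, {3})' -f $l.LocalAddress, $l.LocalPort, $l.OwningProcess, $p.ProcessName
    }

    $installed = $null -ne $svc
    $running   = $installed -and ($svc.Status -eq 'Running')
    $listening = $listeners.Count -gt 0

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        MsmqInstalled    = $installed
        MsmqStatus       = if ($installed) { [string]$svc.Status } else { 'NotInstalled' }
        PortListening    = $listening
        Listeners        = $owners
        # True when both conditions from the advisory hold on this host.
        PrerequisitesMet = $running -and $listening
    }
}

Test-MsmqExposure | Format-List
```

A host that reports `PrerequisitesMet : True` meets both conditions from the advisory and belongs at the front of the patch queue. One where the service is installed but stopped still needs the update, because the service can be started later.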


Runecast covers all 37 vulnerabilities that affect Windows operating systems. Details of these vulnerabilities are shown in the table below.

Severity | Vulnerability | CVE | Component and impact
Important | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | CVE-2023-32017 | Microsoft Printer Drivers RCE
Important | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | CVE-2023-29372 | Microsoft WDAC OLE DB provider for SQL RCE
Important | Windows Media Remote Code Execution Vulnerability | CVE-2023-29370 | Microsoft Windows Codecs Library RCE
Important | Windows Media Remote Code Execution Vulnerability | CVE-2023-29365 | Microsoft Windows Codecs Library RCE
Important | Remote Desktop Client Remote Code Execution Vulnerability | CVE-2023-29362 | Remote Desktop Client RCE
Important | Windows Remote Desktop Security Feature Bypass Vulnerability | CVE-2023-29352 | Remote Desktop Client SFB
Important | Windows DNS Spoofing Vulnerability | CVE-2023-32020 | Role: DNS Server Spoofing
Important | Windows Authentication Elevation of Privilege Vulnerability | CVE-2023-29364 | Windows Authentication Methods EoP
Important | Windows Bus Filter Driver Elevation of Privilege Vulnerability | CVE-2023-32010 | Windows Bus Filter Driver EoP
Important | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2023-29361 | Windows Cloud Files Mini Filter Driver EoP
Important | Windows Collaborative Translation Framework Elevation of Privilege Vulnerability | CVE-2023-32009 | Windows Collaborative Translation Framework EoP
Important | Windows Container Manager Service Elevation of Privilege Vulnerability | CVE-2023-32012 | Windows Container Manager Service EoP
Important | Windows CryptoAPI Denial of Service Vulnerability | CVE-2023-24937 | Windows CryptoAPI DoS
Important | Windows CryptoAPI Denial of Service Vulnerability | CVE-2023-24938 | Windows CryptoAPI DoS
Important | DHCP Server Service Information Disclosure Vulnerability | CVE-2023-29355 | Windows DHCP Server Info
Important | Windows Filtering Platform Elevation of Privilege Vulnerability | CVE-2023-29368 | Windows Filtering EoP
Important | Windows GDI Elevation of Privilege Vulnerability | CVE-2023-29358 | Windows GDI EoP
Important | Windows Geolocation Service Remote Code Execution Vulnerability | CVE-2023-29366 | Windows Geolocation Service RCE
Important | Windows Group Policy Elevation of Privilege Vulnerability | CVE-2023-29351 | Windows Group Policy EoP
Important | Windows Hello Remote Code Execution Vulnerability | CVE-2023-32018 | Windows Hello RCE
⭕ Critical | Windows Hyper-V Denial of Service Vulnerability | CVE-2023-32013 | Windows Hyper-V DoS
Important | Windows Installer Information Disclosure Vulnerability | CVE-2023-32016 | Windows Installer Info
Important | Windows iSCSI Discovery Service Denial of Service Vulnerability | CVE-2023-32011 | Windows iSCSI DoS
Important | Windows Kernel Information Disclosure Vulnerability | CVE-2023-32019 | Windows Kernel Info
Important | NTFS Elevation of Privilege Vulnerability | CVE-2023-29346 | Windows NTFS EoP
Important | Microsoft ODBC Driver Remote Code Execution Vulnerability | CVE-2023-29373 | Windows ODBC Driver RCE
Important | iSCSI Target WMI Provider Remote Code Execution Vulnerability | CVE-2023-29367 | Windows OLE RCE
⭕ Critical | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | CVE-2023-29363 | Windows PGM RCE
⭕ Critical | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | CVE-2023-32014 | Windows PGM RCE
⭕ Critical | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | CVE-2023-32015 | Windows PGM RCE
Important | Remote Procedure Call Runtime Denial of Service Vulnerability | CVE-2023-29369 | Windows Remote Procedure Call Runtime DoS
Important | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | CVE-2023-32008 | Windows Resilient File System (ReFS) RCE
Important | Windows Server Service Security Feature Bypass Vulnerability | CVE-2023-32022 | Windows Server Service SFB
Important | Windows SMB Witness Service Security Feature Bypass Vulnerability | CVE-2023-32021 | Windows SMB SFB
Important | Windows TPM Device Driver Elevation of Privilege Vulnerability | CVE-2023-29360 | Windows TPM Device Driver EoP
Important | Windows GDI Elevation of Privilege Vulnerability | CVE-2023-29371 | Windows Win32K EoP
Important | GDI Elevation of Privilege Vulnerability | CVE-2023-29359 | Windows Win32K EoP

Runecast protects you against all of these

At Runecast we ensure that all operating system vulnerabilities are covered, so you can focus on mitigating threats and keeping your systems safe and secure. We keep you updated about the latest vulnerabilities, exploits and security compliance research, and pride ourselves on responding quickly and decisively to key news and new developments in the IT Security and Operations spaces.

Runecast is an AI-powered platform that gives you complete visibility and control over potential vulnerabilities in your environment. It provides best practices, risk-based vulnerability management, security and compliance to ensure every aspect of your environment is protected. In addition, Runecast also provides explicit instructions and generates custom remediation scripts, ensuring rapid compliance within the environment. The Runecast platform can be deployed to AWS, Azure, Google Cloud, Kubernetes, and VMware environments and operates securely on-premises and in air-gapped environments.
