It’s September 2023 Patch Tuesday! Microsoft has released today security updates for all supported versions of Windows, including the brand new Windows 11!
If you’re already running Windows 11, version 22H2 on your PC, you should now be seeing the KB5030219 patch waiting for you in Windows Update. The update arrives with security updates and quality improvements!
➤ SECURITY UPDATE GUIDE:
✓
Highlights
● This update removes a blank menu item from the Sticky Keys menu. This issue occurs after you install KB5029351.
● This update addresses security issues for your Windows operating system.
Improvements
This security update includes improvements that were a part of update KB5029351 (released August 22, 2023). When you install this KB:
● This update addresses an issue that affects authentication. Using a smart card to join or rejoin a computer to an Active Directory domain might fail. This occurs after you install Windows updates dated October 2022 or later. For more details, see KB5020276.
SECURITY AT THE TOP!
Today is Microsoft’s September 2023 Patch Tuesday, with security updates for 59 flaws, including two actively exploited zero-day vulnerabilities.
Microsoft also shared fixes for two flaws in non-Microsoft products, Electron and Autodesk, and four Microsoft Edge (Chromium) vulnerabilities on September 7th.
Two actively exploited vulnerabilities
This month’s Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The two actively exploited zero-day vulnerabilities in today’s updates are:
CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges.
The flaw was discovered by Quan Jin(@jq0904) & ze0r with DBAPPSecurity WeBin Lab, Valentina Palmiotti with IBM X-Force, Microsoft Threat Intelligence, and Microsoft Security Response Center.
CVE-2023-36761 – Microsoft Word Information Disclosure Vulnerability
Microsoft has fixed an actively exploited vulnerability that can be used to steal NTLM hashes when opening a document, including in the preview pane.
These NTLM hashes can be cracked or used in NTLM Relay attacks to gain access to the account.
This flaw was discovered internally by the Microsoft Threat Intelligence group.
Microsoft is not currently aware of any issues with this update.
➤ DOWNLOAD THE UPDATE MANUALLY:
✓
➤ MORE INFORMATION & RESOURCES:
✓
✓
✓
#windows11 #KB5030219 #KB5030217 #Windows365 #Switch #api #laps #LAPS #local #administrator #password #solution #windows11 #22h2 #KB5030316 #kb5030219 #kb5030217 #Windows11update #23H2 #24H2 #SearchHighlights #Search #Highlights #search #highlights #searchhighlights #windows11search #Build19045 #22H2 #securityupdates #22h2 #PatchTuesday #SecurityUpdates #Windows10Update #Windows11Update #CumulativeUpdates #WindowsUpdate #MicrosoftUpdates #windows #WindowsInsiders #Windows #windows10
#windows11 #Windows11 #Windows11version22H2 #22H2 #Windows1122H2 #windows1122h2 #windows11features #windows11installation
[ad_2]
source
