Security News > 2023 > August > Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
Today is Microsoft's August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities.
This month's Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed.
Microsoft has released an Office Defense in Depth update to fix a patch bypass of the previously fixed and actively exploited CVE-2023-36884 security bypass flaw.
Microsoft has fixed an actively exploited vulnerability that can cause a DDoS attack on.
Google released the Android August 2023 updates to fix actively exploited vulnerabilities.
Below is the complete list of resolved vulnerabilities in the August 2023 Patch Tuesday updates.
News URL
Related news
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) (source)
- Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234) (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- CrushFTP warns users to patch exploited zero-day “immediately” (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-11 | CVE-2023-36884 | Unspecified vulnerability in Microsoft products Windows Search Remote Code Execution Vulnerability | 7.5 |