June 2023 Patch Tuesday

Microsoft’s Patch Tuesday for June 2023 is here, bringing security updates for 78 problems, including 38 vulnerabilities that can be exploited remotely.

Microsoft addressed 38 bugs that could allow remote code execution (RCE), and out of those, they classified only six flaws as ‘Critical.’

EHA

While all these six critical bugs encompass:-

Remote Code Execution Flaws Patched

Here below, we have mentioned all the flaw categories:-

  • Elevation of Privilege: 17 Vulnerabilities
  • Security Feature Bypass: 3 Vulnerabilities
  • Remote Code Execution: 32 Vulnerabilities
  • Information Disclosure: 5 Vulnerabilities
  • Denial of Service: 10 Vulnerabilities
  • Spoofing: 10 Vulnerabilities
  • Edge – Chromium: 3 Vulnerabilities

No updates address any actively exploited bugs or zero-day vulnerabilities on this particular Patch Tuesday

This absence provides some comfort to Windows administrators, as they face increased pressure during this period.

The June 2023 Patch Tuesday doesn’t feature any zero-day vulnerabilities, but a few flaws still can’t be neglected. And here below, we have mentioned the:-

  • CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
  • CVE-2023-32031: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-33133: Microsoft Excel Remote Code Execution Vulnerability
  • CVE-2023-33137: Microsoft Excel Remote Code Execution Vulnerability
  • CVE-2023-33140: Microsoft OneNote Spoofing Vulnerability
  • CVE-2023-33131: Microsoft Outlook Remote Code Execution Vulnerability

Before installing system updates, it’s highly recommended that you take a moment to consider the importance of creating a backup for your system or the essential documents and data.

This precautionary measure is always recommended due to the prevention of the data loss.

Looking For an All-in-One Multi-OS Patch Management Platform – 

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.