Published on 15 Nov 2023
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
The vulnerabilities that have been classified as Critical in severity are listed in the table below.
Microsoft has also released security patches for three zero-day vulnerabilities impacting Windows products. The vulnerabilities are reportedly being actively exploited:
Users and administrators of affected product versions are advised to upgrade to the latest versions immediately.
For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2023-Nov
CRITICAL VULNERABILITIES
CVE Number | CVE Name | Base Score | Reference |
---|---|---|---|
CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36397 |
CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | 8.8 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36400 |
CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | 8.6 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36052 |