filmov
tv
[KB5027223] WHAT IS NEW in Windows 11 June 2023 Patch Tuesday?
Показать описание
It's June 2023 Patch Tuesday! Microsoft has released today security updates for all supported versions of Windows, including the brand new Windows 11!
If you’re already running Windows 11, version 21H2 on your PC, you should now be seeing the KB5027223 patch waiting for you in Windows Update. The update arrives with security updates and quality improvements!
➤ SECURITY UPDATE GUIDE:
Highlights
● This update addresses security issues for your Windows operating system.
Improvements
This security update includes improvements that were a part of update KB5025298 (released April 25, 2023). When you install this KB:
● This update addresses a known issue that affects 32-bit apps that are large address aware and use the CopyFile API. You might have issues when you save, copy, or attach files. If you use some commercial or enterprise security software that uses extended file attributes, this issue will likely affect you. For Microsoft Office apps, this issue only affects the 32-bit versions. You might receive the error, "Document not saved."
● This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry.
● This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.
SECURITY AT THE TOP!
Today is Microsoft's June 2023 Patch Tuesday, with security updates for 78 flaws, including 38 remote code execution vulnerabilities.
While thirty-eight RCE bugs were fixed, Microsoft only listed six flaws as 'Critical,' including denial of service attacks, remote code execution, and privilege elevation.
The number of bugs in each vulnerability category is listed below:
17 Elevation of Privilege Vulnerabilities
3 Security Feature Bypass Vulnerabilities
32 Remote Code Execution Vulnerabilities
5 Information Disclosure Vulnerabilities
10 Denial of Service Vulnerabilities
10 Spoofing Vulnerabilities
1 Edge - Chromium Vulnerabilities
This list does not include sixteen Microsoft Edge vulnerabilities previously fixed on June 2nd, 2023.
This Patch Tuesday does not fix any zero-day vulnerabilities or actively exploited bugs, relieving some of the pressure usually felt by Windows admins during this day.
Notable vulnerabilities
While there are no zero-day vulnerabilities in the June 2023 Patch Tuesday, there are some notable flaws listed below:
CVE-2023-29357 - Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft has fixed a privilege elevation vulnerability in Microsoft SharePoint that could allow attackers to assume the privileges of other users, including administrators.
"An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user." reads Microsoft's advisory.
While Microsoft reports that the bug is actively exploited, there are no details on how it was abused.
Microsoft says that Jang (Nguyễn Tiến Giang) of StarLabs SG discovered the vulnerability.
CVE-2023-32031 - Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft has fixed a Microsoft Exchange vulnerability that allows authenticated, remote code execution.
"The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call," reads Microsoft's advisory.
Microsoft has also released numerous Microsoft Office updates for vulnerabilities, allowing threat actors to use malicious crafted Excel and OneNote documents to perform remote code execution.
➤ DOWNLOAD THE UPDATE MANUALLY:
➤ MORE INFORMATION & RESOURCES:
#windows11 #KB5027231 #KB5027223 #api #laps #LAPS #local #administrator #password #solution #windows11 #22h2 #KB5026446 #kb5027223 #kb5027231 #Windows11update #23H2 #24H2 #SearchHighlights #Search #Highlights #search #highlights #searchhighlights #windows11search #Build19045 #22H2 #securityupdates #22h2 #PatchTuesday #SecurityUpdates #Windows10Update #Windows11Update #CumulativeUpdates #WindowsUpdate #MicrosoftUpdates #windows #WindowsInsiders #Windows #windows10
#windows11 #Windows11 #Windows11version22H2 #22H2 #Windows1122H2 #windows1122h2 #windows11features #windows11installation
#Build22621 #Build22631 #22H2 #23H2 #CanaryChannel #DevChannel #June24 #windows11upgrade #windows11features
If you’re already running Windows 11, version 21H2 on your PC, you should now be seeing the KB5027223 patch waiting for you in Windows Update. The update arrives with security updates and quality improvements!
➤ SECURITY UPDATE GUIDE:
Highlights
● This update addresses security issues for your Windows operating system.
Improvements
This security update includes improvements that were a part of update KB5025298 (released April 25, 2023). When you install this KB:
● This update addresses a known issue that affects 32-bit apps that are large address aware and use the CopyFile API. You might have issues when you save, copy, or attach files. If you use some commercial or enterprise security software that uses extended file attributes, this issue will likely affect you. For Microsoft Office apps, this issue only affects the 32-bit versions. You might receive the error, "Document not saved."
● This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry.
● This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.
SECURITY AT THE TOP!
Today is Microsoft's June 2023 Patch Tuesday, with security updates for 78 flaws, including 38 remote code execution vulnerabilities.
While thirty-eight RCE bugs were fixed, Microsoft only listed six flaws as 'Critical,' including denial of service attacks, remote code execution, and privilege elevation.
The number of bugs in each vulnerability category is listed below:
17 Elevation of Privilege Vulnerabilities
3 Security Feature Bypass Vulnerabilities
32 Remote Code Execution Vulnerabilities
5 Information Disclosure Vulnerabilities
10 Denial of Service Vulnerabilities
10 Spoofing Vulnerabilities
1 Edge - Chromium Vulnerabilities
This list does not include sixteen Microsoft Edge vulnerabilities previously fixed on June 2nd, 2023.
This Patch Tuesday does not fix any zero-day vulnerabilities or actively exploited bugs, relieving some of the pressure usually felt by Windows admins during this day.
Notable vulnerabilities
While there are no zero-day vulnerabilities in the June 2023 Patch Tuesday, there are some notable flaws listed below:
CVE-2023-29357 - Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft has fixed a privilege elevation vulnerability in Microsoft SharePoint that could allow attackers to assume the privileges of other users, including administrators.
"An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user." reads Microsoft's advisory.
While Microsoft reports that the bug is actively exploited, there are no details on how it was abused.
Microsoft says that Jang (Nguyễn Tiến Giang) of StarLabs SG discovered the vulnerability.
CVE-2023-32031 - Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft has fixed a Microsoft Exchange vulnerability that allows authenticated, remote code execution.
"The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call," reads Microsoft's advisory.
Microsoft has also released numerous Microsoft Office updates for vulnerabilities, allowing threat actors to use malicious crafted Excel and OneNote documents to perform remote code execution.
➤ DOWNLOAD THE UPDATE MANUALLY:
➤ MORE INFORMATION & RESOURCES:
#windows11 #KB5027231 #KB5027223 #api #laps #LAPS #local #administrator #password #solution #windows11 #22h2 #KB5026446 #kb5027223 #kb5027231 #Windows11update #23H2 #24H2 #SearchHighlights #Search #Highlights #search #highlights #searchhighlights #windows11search #Build19045 #22H2 #securityupdates #22h2 #PatchTuesday #SecurityUpdates #Windows10Update #Windows11Update #CumulativeUpdates #WindowsUpdate #MicrosoftUpdates #windows #WindowsInsiders #Windows #windows10
#windows11 #Windows11 #Windows11version22H2 #22H2 #Windows1122H2 #windows1122h2 #windows11features #windows11installation
#Build22621 #Build22631 #22H2 #23H2 #CanaryChannel #DevChannel #June24 #windows11upgrade #windows11features
![[KB5027223] WHAT IS](https://i.ytimg.com/vi/3iU3McWj1NA/hqdefault.jpg)
0:01:25
0:07:14
0:01:53
0:06:00
0:07:47
0:02:50
0:01:52
0:11:31
0:03:29
0:01:33
![[KB5027231] WHAT IS](https://i.ytimg.com/vi/6iFxugoc4tg/hqdefault.jpg)
0:01:50
![[KB5027215] WHAT IS](https://i.ytimg.com/vi/CaHBO2Jf_r8/hqdefault.jpg)
0:01:37
0:04:39
![[KB5027292] WHAT'S NEW](https://i.ytimg.com/vi/fqCi09jNfXI/hqdefault.jpg)
0:01:39
0:07:29
0:04:29
0:06:56
0:03:16
0:08:15
0:02:01
0:06:40
0:01:24
0:05:22
0:06:35