{"id":48532,"date":"2023-09-13T11:57:13","date_gmt":"2023-09-13T10:57:13","guid":{"rendered":"https:\/\/www.n-able.com\/?p=48532"},"modified":"2023-09-14T12:19:59","modified_gmt":"2023-09-14T11:19:59","slug":"patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix","title":{"rendered":"Patch Tuesday September 2023: Office NTLM Hash Vulnerability Gets Fix"},"content":{"rendered":"<p class=\"p3\"><span class=\"s1\">September is turning out to have quite a few zero-day vulnerabilities from vendors other than Microsoft you need to be aware of. While we typically focus on Microsoft\u2019s Patch Tuesday releases, this month will include Adobe, Chrome, Mozilla, Cisco, and iOS fixes that will need to be applied to mitigate against attacks. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft Vulnerabilities <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">Microsoft addressed 59 new vulnerabilities this month and updated three previous vulnerabilities. Five are critical and two are zero-day vulnerabilities under active exploitation. While the two actively exploited zero-days are rated as \u201cImportant\u201d, they could be used as part of a chained attack\u2014relying on other vulnerabilities or compromised systems to be effective. This is a great example of how relying only on the severity rating of a vulnerability to make decisions about when to apply patches could leave you unnecessarily exposed to an active threat campaign. 
\u00a0<\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-36802<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">A Microsoft Streaming Service Proxy Elevation of Privilege vulnerability rated CVSS 7.8, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36802\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-36802<\/span><\/a> allows an attacker to gain SYSTEM privileges. Since this was not a publicly disclosed vulnerability, information on how it is leveraged is limited.<\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-36761<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">This is potentially the most impactful vulnerability of the month as it involves the disclosure of NTLM hashes, which an attacker can use to impersonate a user or authenticate to a system without needing to crack the hashed password. The vulnerability is triggered when a user views a specially crafted Word document in the Windows preview pane. The near-ubiquitous nature of Microsoft Word, and the fact that this affects versions of Office as far back as 2013, means there is a huge pool of potential targets. <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36761\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-36761<\/span><\/a> should be at the top of your to-do list this month. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">CVE-2023-38148<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">A Critical rated vulnerability, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38148\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-38148<\/span><\/a> is an Internet Connection Sharing Remote Code Execution vulnerability with a CVSS of 8.8. While Internet Connection Sharing has been around in the Windows world for many years, its use is not as common as it once was\u2014although it is still available in modern versions of Windows. 
This vulnerability allows an attacker on the same network to send a specially crafted packet to the target device and execute arbitrary commands, allowing the attacker to easily push malware or take other actions. Since this requires no interaction on the part of the end user, this could easily find its way into the toolkits of attackers.<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Cisco<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">CVE-2023-20269 is a zero-day vulnerability under active exploitation affecting Cisco\u2019s ASA and Firepower Threat Defense VPN features and allowing unauthorized access. As this is being leveraged in active, ongoing threat campaigns, please read the <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-ravpn-auth-8LyfCkeC#fs\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Cisco Security Advisory<\/span><\/a> for more info and guidance on remediation.<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Adobe<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">Adobe has released security updates to address CVE-2023-26369, which is a Critical rated zero-day vulnerability under active exploitation. It affects Adobe Acrobat for both Windows and macOS. 
As this is actively exploited and Adobe has a large install base in most environments, be sure to read <a href=\"https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb23-34.html\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Adobe\u2019s Security Bulletin<\/span><\/a> for more info and guidance on remediation.<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Mozilla<\/span><\/h2>\n<p class=\"p3\"><span class=\"s3\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4863\" target=\"_blank\" rel=\"noopener\">CVE-2023-4863<\/a><\/span><span class=\"s1\"> is a Critical rated vulnerability that exists in the <a href=\"https:\/\/hg.mozilla.org\/releases\/mozilla-release\/rev\/e245ca2125a6eb1e2d08cc9e5824f15e1e67a566\"><span class=\"s2\">libwebp<\/span><\/a> code library and affects Mozilla Firefox, Thunderbird, and Brave, which have received updates. This vulnerability allows an attacker to use specially crafted HTML to write to memory they otherwise would not be able to access. Because the libwebp library is used by multiple products, including Chromium, teams will likely need to update a lot of applications they may not be accustomed to patching, so tracking down updates may be time-consuming. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">iOS<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">Turning attention to international espionage and spycraft, Apple fixed a zero-day vulnerability that was part of a zero-click exploit chain that was leveraged in a campaign to infect iPhones with Pegasus spyware. 
CVE-2023-44064 and CVE-2023-41061 were used in an exploit chain referred to as <a href=\"https:\/\/citizenlab.ca\/2023\/09\/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">BLASTPASS by Citizen Lab<\/span><\/a>.<\/span><\/p>\n<h2 class=\"p6\"><span class=\"s4\">Microsoft Patch Tuesday<\/span><span class=\"s5\"> <\/span><span class=\"s1\">Vulnerability Prioritization <\/span><\/h2>\n<p class=\"p7\"><span class=\"s1\">Addressing vulnerabilities effectively requires a mix of adhering to established best practices and leveraging informed judgment. While it&rsquo;s a natural instinct to rank vulnerabilities with critical severity ratings higher on the list of things that need to be addressed, relying on severity ratings alone can be limiting. An often-overlooked component is temporal metrics, which provide a measure of the window of vulnerability\u2014the time from initial vulnerability discovery to the availability and application of the patch. This is essential as the longer a vulnerability exists without a fix, the greater the potential for exploitation. 
By integrating temporal metrics into the risk evaluation process, organizations can gain a more comprehensive understanding of the threat landscape and potential attack vectors, ensuring that they don&rsquo;t leave themselves open to unnecessary risks.<\/span><\/p>\n<p class=\"p7\"><span class=\"s1\"><b><i>Table Key:\u00a0<\/i><\/b><i>Severity:\u00a0C = Critical, I = Important, M = Moderate, R = Re-issue;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0N\/A = Not Available<\/i><\/span><\/p>\n<table cellspacing=\"0\" cellpadding=\"0\" class=\"t1\">\n<tbody>\n<tr>\n<td valign=\"top\" class=\"td1\" width=\"20%\">\n<p class=\"p8\"><strong><span class=\"s1\">CVE Number<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td2\" width=\"60%\">\n<p class=\"p8\"><strong><span class=\"s1\">CVE Title<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td3\" width=\"10%\">\n<p class=\"p9\" style=\"text-align: center;\"><strong><span class=\"s1\">Severity<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td4\" width=\"10%\">\n<p class=\"p9\" style=\"text-align: center;\"><strong><span class=\"s1\">Status<\/span><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36802\" target=\"_blank\" rel=\"noopener\">CVE-2023-36802<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p9\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p9\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36761\" target=\"_blank\" rel=\"noopener\">CVE-2023-36761<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Word Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36796\" target=\"_blank\" rel=\"noopener\">CVE-2023-36796<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36793\" target=\"_blank\" rel=\"noopener\">CVE-2023-36793<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36792\" target=\"_blank\" rel=\"noopener\">CVE-2023-36792<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Visual Studio Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-29332\" target=\"_blank\" rel=\"noopener\">CVE-2023-29332<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38161\" target=\"_blank\" rel=\"noopener\">CVE-2023-38161<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows GDI Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38160\" target=\"_blank\" rel=\"noopener\">CVE-2023-38160<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows TCP\/IP Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38152\" target=\"_blank\" rel=\"noopener\">CVE-2023-38152<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">DHCP Server Service Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38148\" target=\"_blank\" rel=\"noopener\">CVE-2023-38148<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Internet Connection Sharing (ICS) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38144\" target=\"_blank\" rel=\"noopener\">CVE-2023-38144<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38143\" target=\"_blank\" rel=\"noopener\">CVE-2023-38143<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-38142\" target=\"_blank\" rel=\"noopener\">CVE-2023-38142<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows Kernel Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36804\" target=\"_blank\" rel=\"noopener\">CVE-2023-36804<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Windows GDI Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36777\" target=\"_blank\" rel=\"noopener\">CVE-2023-36777<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Exchange Server Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36756\" target=\"_blank\" rel=\"noopener\">CVE-2023-36756<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Exchange Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a 
href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36745\" target=\"_blank\" rel=\"noopener\">CVE-2023-36745<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Exchange Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p10\"><span class=\"s6\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36744\" target=\"_blank\" rel=\"noopener\">CVE-2023-36744<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p8\"><span class=\"s1\">Microsoft Exchange Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\" style=\"text-align: center;\">\n<p class=\"p9\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 class=\"p3\"><span class=\"s1\">Summary<\/span><\/h2>\n<p class=\"p7\"><span class=\"s1\">Ensure that you maintain consistent patching procedures for assessment, testing, and deployment into your production environments. If your approach has typically centered around patching based on severity alone, it&rsquo;s crucial to expand your patch management strategies. Integrate priority handling for patches related to zero-days, vulnerabilities with detected exploitations, and those with a higher likelihood of exploitation into your <a href=\"https:\/\/www.n-able.com\/features\/windows-patch-management\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\">Patch Management<\/span><\/a> routines. 
<\/span><\/p>\n<p class=\"p7\"><span class=\"s1\">As always, make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity, consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your\u00a0<a href=\"https:\/\/www.n-able.com\/features\/windows-patch-management\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\">Patch Management<\/span><\/a>\u00a0routines.<\/span><\/p>\n<p class=\"p7\"><span class=\"s1\"><b>Looking for more blogs on patching, or for previous Microsoft Patch Tuesday Reviews? Check out\u00a0<\/b><a href=\"https:\/\/www.n-able.com\/blog\/patch-management?filter_products=all#filtered\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\"><b>this section of our blog<\/b><\/span><\/a><b>.<\/b>\u00a0<\/span><\/p>\n<p class=\"p7\"><span class=\"s1\"><i>Lewis Pope is the Head Security Nerd at N&#8209;able. You can follow him on Twitter:\u00a0<\/i><a href=\"https:\/\/twitter.com\/cybersec_nerd\"><span class=\"s7\"><i>@cybersec_nerd<\/i><\/span><\/a><\/span><\/p>\n<p class=\"p11\"><span class=\"s8\"><i>LinkedIn:\u00a0<\/i><a href=\"https:\/\/www.linkedin.com\/in\/thesecuritypope\"><span class=\"s9\"><i>thesecuritypope<\/i><\/span><\/a><\/span><\/p>\n<p class=\"p11\"><span class=\"s8\"><i>Twitch:\u00a0<\/i><a href=\"https:\/\/www.twitch.tv\/cybersec_nerd\"><span class=\"s9\"><i>cybersec_nerd<\/i><\/span><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>September sees Microsoft address 59 new vulnerabilities and update three previous vulnerabilities, plus there are fixes for Adobe, Chrome, Mozilla, Cisco, and iOS. 
Lewis Pope explains.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-48532","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Patch Tuesday September 2023: Office NLTM Hash Vulnerability Gets Fix - N-able<\/title>\n<meta name=\"description\" content=\"September sees Microsoft address 59 new vulnerabilities and update three previous vulnerabilities, plus there are fixes for Adobe and iOS.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday September 2023: Office NLTM Hash Vulnerability Gets Fix - N-able\" \/>\n<meta property=\"og:description\" content=\"September sees Microsoft address 59 new vulnerabilities and update three previous vulnerabilities, plus there are fixes for Adobe and iOS.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-13T10:57:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-14T11:19:59+00:00\" 
\/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-03.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday September 2023: Office NLTM Hash Vulnerability Gets Fix\",\"datePublished\":\"2023-09-13T11:57:13+01:00\",\"dateModified\":\"2023-09-14T11:19:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\"},\"wordCount\":1165,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch 
Management\",\"Security\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\",\"url\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\",\"name\":\"Patch Tuesday September 2023: Office NLTM Hash Vulnerability Gets Fix - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr#website\"},\"datePublished\":\"2023-09-13T11:57:13+01:00\",\"dateModified\":\"2023-09-14T11:19:59+00:00\",\"description\":\"September sees Microsoft address 59 new vulnerabilities and update three previous vulnerabilities, plus there are fixes for Adobe and iOS.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/patch-tuesday-september-2023-office-nltm-hash-vulnerability-gets-fix#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/fr\/blog\/category\/head-nerds-fr\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday September 2023: Office NLTM Hash Vulnerability Gets 
Fix\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/fr#website\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/fr?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/fr#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ 
Yoast SEO Premium plugin. -->","_links":{"self":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/48532","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/comments?post=48532"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/48532\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/media?parent=48532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}