{"id":46898,"date":"2023-07-17T15:27:07","date_gmt":"2023-07-17T14:27:07","guid":{"rendered":"https:\/\/www.n-able.com\/?p=46898"},"modified":"2023-07-27T10:47:43","modified_gmt":"2023-07-27T09:47:43","slug":"patch-tuesday-july-2023","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023","title":{"rendered":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2?"},"content":{"rendered":"<p class=\"p3\"><span class=\"s1\">This month\u2019s Microsoft Patch Tuesday is making up for a relatively quiet two months. On top of another <a href=\"https:\/\/www.n-able.com\/blog\/patch-tuesday-march-2023\"><span class=\"s2\">Windows SmartScreen Bypass vulnerability<\/span><\/a><\/span><span class=\"s1\">\u00a0, multiple zero-day vulnerabilities, and some unique security advisories, there is also one zero-day vulnerability that has not yet received a patch. Even if you get all your updates applied within a timely manner this month, you\u2019re likely going to have to apply additional mitigations for that un-patched zero-day while we wait for Microsoft to provide a fix. For those who want to dig deeper, this unpatched vulnerability could be take-two of last year\u2019s <a href=\"https:\/\/www.n-able.com\/blog\/june-2022-patch-tuesday-follina-dogwalk\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Follina vulnerability<\/span><\/a>.<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft Vulnerabilities <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">This month Microsoft has addressed 143 vulnerabilities: 11 are set as Critical, 6 are zero-day vulnerabilities that are Under Active Exploitation, and 12 are listed as Likely to be Exploited. One of those zero-days this month is a unique security advisory (ADV230001) that we don\u2019t often see included in Patch Tuesdays. Also in this month\u2019s mix of patches and updates is <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/july-11-2023-kb5028185-os-build-22621-1992-605fa18f-bd49-41d8-80b1-245080e26c3d\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">KB5028185<\/span><\/a><\/span><span class=\"s3\">,<\/span><span class=\"s1\"> which brings new features to Windows 11 by enabling <a href=\"https:\/\/blogs.windows.com\/windowsexperience\/2023\/05\/23\/announcing-new-windows-11-innovation-with-features-for-secure-efficient-it-management-and-intuitive-user-experience\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Moment 3<\/span><\/a> improvements. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">ADV230001<\/span><\/h2>\n<p class=\"p3\"><span class=\"s3\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/ADV230001\" target=\"_blank\" rel=\"noopener\">ADV230001<\/a><\/span><span class=\"s1\"> is a Microsoft Security Advisory concerning the malicious use of Microsoft signed drivers. It might not be immediately clear how rare these types of advisories are, but this Advisory (ADV) in 2023 (23) is the first (0001) for the year. Drivers certified by Microsoft\u2019s Windows Hardware Developer Program have been detected being used maliciously on already compromised devices. While there is no CVE entry associated with this advisory it is still addressed by this month\u2019s monthly rollup and security updates. Microsoft\u2019s guidance is to apply those and ensure that AV and endpoint protection solutions are in place. <\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">Unpatched Zero-day<\/span><\/h2>\n<p class=\"p3\"><span class=\"s3\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36884\" target=\"_blank\" rel=\"noopener\">CVE-2023-36884<\/a><\/span><span class=\"s1\"> is the standout vulnerability of the month as Microsoft has not yet released any security updates to address it. CVE-2023-36884 is an Office and Windows HTML RCE vulnerability that allows an attacker to execute remote code against a target using a specially crafted Microsoft Office document. Since this is Under Active Exploitation and is making news with its use in targeted attacks against organizations attending the July 2023 <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/11\/storm-0978-attacks-reveal-financial-and-espionage-motives\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">NATO Summit<\/span><\/a> in Lithuania, it would be a good idea to get some communications out to your customers concerning this vulnerability and how you will be addressing it. <\/span><\/p>\n<p class=\"p3\"><span class=\"s1\">Microsoft\u2019s mitigation guidance for those leveraging Microsoft Defender for Office 365 (email filtering solution) is that they will already be protected from Office document attachments that contain the exploit. For everyone else their guidance is to enable the BLOCK CROSS PROTOCOL FILE NAVIGATION feature via the registry. See <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36884\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Microsoft guidance<\/span><\/a> for more information on how to enable this protection and potential complications.<\/span><\/p>\n<p class=\"p3\"><span class=\"s1\">A very interesting thread to pull on is that CVE-2023-36884, according to security researcher <a href=\"https:\/\/cyberplace.social\/@GossiTheDog\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Kevin Beaumont<\/span><\/a> who named the Follina zero-day from May 2022, may be <a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/110696947595583089\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">#Follina2<\/span><\/a>. \u00a0<\/span><\/p>\n<h2 class=\"p5\"><span class=\"s1\">Zero-Days and Active Exploitation<\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">The other zero-days that are Under Active Exploitation this month do not include the need for any additional mitigations to be applied, and proper patching should address them. <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-32046\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-32046<\/span><\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-32049\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-32049<\/span><\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35311\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-35311<\/span><\/a>, and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36874\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-36874<\/span><\/a> are all marked as Important, but as they are all Under Active Exploitation they should be high priority items to address this month. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Vulnerability Prioritization <\/span><\/h2>\n<p class=\"p3\"><span class=\"s1\">As always, prioritizing which vulnerabilities to address first is part following established best practices and a little bit of gut instinct. Critical severity, exploitation more likely and exploitation detected vulnerabilities as always should be ranking fairly high on priority list. If you only patch based on severity you are leaving a lot of unnecessary risk exposure lying around. <\/span><\/p>\n<p class=\"p6\"><em><span class=\"s4\"><b>Table Key:\u00a0<\/b>Severity:\u00a0C = Critical, I = Important, M = Moderate, R = Re-issue;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0N\/A = Not Available<\/span><\/em><\/p>\n<table cellspacing=\"0\" cellpadding=\"0\" class=\"t1\">\n<tbody>\n<tr>\n<td valign=\"top\" class=\"td1\" width=\"20%\">\n<p class=\"p7\"><strong><span class=\"s1\">CVE Number<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td2\" width=\"60%\">\n<p class=\"p7\"><strong><span class=\"s1\">CVE Title<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td3\" width=\"10%\">\n<p class=\"p7\" style=\"text-align: center;\"><strong><span class=\"s1\">Severity<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td4\" width=\"10%\">\n<p class=\"p7\" style=\"text-align: center;\"><strong><span class=\"s1\">Status<\/span><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36884\" target=\"_blank\" rel=\"noopener\">CVE-2023-36884<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Office and Windows HTML Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36874\" target=\"_blank\" rel=\"noopener\">CVE-2023-36874<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Error Reporting Service Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35311\" target=\"_blank\" rel=\"noopener\">CVE-2023-35311<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Outlook Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-32049\" target=\"_blank\" rel=\"noopener\">CVE-2023-32049<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows SmartScreen Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-32046\" target=\"_blank\" rel=\"noopener\">CVE-2023-32046<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows MSHTML Platform Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36871\" target=\"_blank\" rel=\"noopener\">CVE-2023-36871<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Azure Active Directory Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35352\" target=\"_blank\" rel=\"noopener\">CVE-2023-35352<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Remote Desktop Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35312\" target=\"_blank\" rel=\"noopener\">CVE-2023-35312<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33157\" target=\"_blank\" rel=\"noopener\">CVE-2023-33157<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft SharePoint Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33134\" target=\"_blank\" rel=\"noopener\">CVE-2023-33134<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21526\" target=\"_blank\" rel=\"noopener\">CVE-2023-21526<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Netlogon Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35367\" target=\"_blank\" rel=\"noopener\">CVE-2023-35367<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35366\" target=\"_blank\" rel=\"noopener\">CVE-2023-35366<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35365\" target=\"_blank\" rel=\"noopener\">CVE-2023-35365<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35315\" target=\"_blank\" rel=\"noopener\">CVE-2023-35315<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35297\" target=\"_blank\" rel=\"noopener\">CVE-2023-35297<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33160\" target=\"_blank\" rel=\"noopener\">CVE-2023-33160<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-32057\" target=\"_blank\" rel=\"noopener\">CVE-2023-32057<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft Message Queuing Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-35352\" target=\"_blank\" rel=\"noopener\">CVE-2023-35352<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Windows Remote Desktop Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p8\"><span class=\"s5\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33157\" target=\"_blank\" rel=\"noopener\">CVE-2023-33157<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p9\"><span class=\"s1\">Microsoft SharePoint Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p7\" style=\"text-align: center;\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 class=\"p4\"><span class=\"s1\">Summary<\/span><\/h2>\n<p class=\"p6\"><span class=\"s4\">As always make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your\u00a0<a href=\"https:\/\/www.n-able.com\/features\/windows-patch-management\" target=\"_blank\" rel=\"noopener\"><span class=\"s6\">Patch Management<\/span><\/a>\u00a0routines.<\/span><\/p>\n<p class=\"p10\"><span class=\"s1\"><b>Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Reviews, then check out\u00a0<\/b><a href=\"https:\/\/www.n-able.com\/blog\/patch-management?filter_products=all#filtered\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\"><b>this section of our blog<\/b><\/span><\/a><b>.<\/b>\u00a0<\/span><\/p>\n<p class=\"p10\"><em><span class=\"s1\">Lewis Pope is the Head Security Nerd at N&#8209;able. You can follow him on Twitter:\u00a0<a href=\"https:\/\/twitter.com\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s7\">@cybersec_nerd<\/span><\/a><\/span><\/em><\/p>\n<p class=\"p11\"><em><span class=\"s8\">LinkedIn:\u00a0<a href=\"https:\/\/www.linkedin.com\/in\/thesecuritypope\" target=\"_blank\" rel=\"noopener\"><span class=\"s6\">thesecuritypope<\/span><\/a><\/span><\/em><\/p>\n<p class=\"p11\"><em><span class=\"s8\">Twitch:\u00a0<a href=\"https:\/\/www.twitch.tv\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s6\">cybersec_nerd<\/span><\/a><\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This month&#8217;s Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Lewis Pope takes a deeper look.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-46898","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able<\/title>\n<meta name=\"description\" content=\"This month&#039;s Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able\" \/>\n<meta property=\"og:description\" content=\"This month&#039;s Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-17T14:27:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-27T09:47:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-03.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2?\",\"datePublished\":\"2023-07-17T15:27:07+01:00\",\"dateModified\":\"2023-07-27T09:47:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\"},\"wordCount\":957,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\",\"url\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\",\"name\":\"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#website\"},\"datePublished\":\"2023-07-17T15:27:07+01:00\",\"dateModified\":\"2023-07-27T09:47:43+00:00\",\"description\":\"This month's Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/it\/blog\/category\/head-nerds-it\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/it\/#website\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/it\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able","description":"This month's Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023","og_locale":"it_IT","og_type":"article","og_title":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able","og_description":"This month's Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.","og_url":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2023-07-17T14:27:07+00:00","article_modified_time":"2023-07-27T09:47:43+00:00","og_image":[{"width":2500,"height":1309,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-03.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Scritto da":"Lewis Pope","Tempo di lettura stimato":"5 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2?","datePublished":"2023-07-17T15:27:07+01:00","dateModified":"2023-07-27T09:47:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023"},"wordCount":957,"publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"it-IT"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023","url":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023","name":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2? - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/#website"},"datePublished":"2023-07-17T15:27:07+01:00","dateModified":"2023-07-27T09:47:43+00:00","description":"This month's Patch Tuesday sees a kick back against two quiet months from Microsoft, with 143 vulnerabilities addressed. Take a deeper look.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-july-2023#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/it\/blog\/category\/head-nerds-it"},{"@type":"ListItem","position":2,"name":"Patch Tuesday July 2023: Remote Code Execution Vulnerability with No Fix, is This Follina 2?"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/it\/#website","url":"https:\/\/www.n-able.com\/it\/","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/it\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/it\/#organization","name":"N-able","url":"https:\/\/www.n-able.com\/it\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/46898","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/comments?post=46898"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/46898\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/media?parent=46898"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}