Patch Tuesday November 2023

Jordan Hammond | November 14, 2023

It's the last Patch Tuesday before Thanksgiving, so let's give thanks that this month's list of vulnerabilities is so light. I'm also thankful that we did not get a repeat of the libwebp nightmare. All things considered, this is about as good a month as you can hope for.

  • Total vulnerabilities patched: 58

  • Critical patches: 3

  • Already known or exploited: 3

Let’s take a look at some of the highlights.

Some highlights (or lowlights)

  • CVE-2023-36397: Looks like Message Queuing is back. This has become a monthly reminder of a critical vulnerability. If you're still using this software, please stop. Nothing has changed: if you're running this service and the server is listening on port 1801, you're vulnerable to a network attack that requires no user interaction or privileges.

  • CVE-2023-36028: This is the other 9.8 vulnerability. Even with a rating that high, it's listed as important instead of critical because exploitation is viewed as less likely. That's because the vulnerability is in Protected Extensible Authentication Protocol (PEAP), which only comes into play if you're using a Network Policy Server (NPS). If you are using an NPS with PEAP, this has a remote attack vector and requires no user interaction and no privileges. That is all bad.

  • CVE-2023-36033: The last vulnerability has already been exploited. It's an Elevation of Privilege in the Windows DWM Core Library. It's rated only 7.8 because it has a local attack vector, which limits the threat's reach. If this vulnerability is exploited, the attacker gets SYSTEM privileges on that computer.
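To see whether a given machine falls under the first two items, here is a local check you can run on it. This is an added example, not a script from the original post or from PDQ; the function name is hypothetical, and it assumes the default Windows service names `MSMQ` (Message Queuing) and `IAS` (Network Policy Server).

```powershell
# Added example (not from the original post): local exposure check for the
# MSMQ (CVE-2023-36397) and NPS/PEAP (CVE-2023-36028) items.
# Assumption: default Windows service names, 'MSMQ' and 'IAS' (Network Policy Server).
function Get-PatchTuesdayExposure {
    [CmdletBinding()]
    param(
        [int]$MsmqPort = 1801   # port named in the post
    )

    $msmq = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue
    $nps  = Get-Service -Name 'IAS'  -ErrorAction SilentlyContinue

    # Any listener on TCP 1801, and which local addresses it is bound to
    $listeners = @(Get-NetTCPConnection -LocalPort $MsmqPort -State Listen -ErrorAction SilentlyContinue)
    $addresses = @($listeners | Select-Object -ExpandProperty LocalAddress -Unique)

    $msmqRunning = ($null -ne $msmq) -and ($msmq.Status -eq 'Running')
    $npsRunning  = ($null -ne $nps)  -and ($nps.Status  -eq 'Running')

    $findings = @()
    if ($msmqRunning) {
        $findings += "MSMQ is running (TCP $MsmqPort listening: $($listeners.Count -gt 0)): patch now, remove the feature if unused"
    } elseif ($null -ne $msmq) {
        $findings += 'MSMQ is installed but stopped: remove the feature if nothing depends on it'
    }
    if ($npsRunning) {
        # Whether PEAP is enabled is set per network policy and is not checked here
        $findings += 'NPS is running: review network policies for PEAP and prioritize this host'
    }

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        MsmqInstalled   = $null -ne $msmq
        MsmqRunning     = $msmqRunning
        MsmqListening   = $listeners.Count -gt 0
        ListenAddresses = $addresses -join ', '
        NpsRunning      = $npsRunning
        Findings        = $findings
    }
}

Get-PatchTuesdayExposure | Format-List
```

An empty `Findings` list means neither service was found on that machine; it says nothing about whether this month's updates are installed.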

Wrapping up 

I'm not looking for a repeat of last year when my patch anxiety went to war with the tryptophan to make a perfect breeding ground for night terrors. No, this year I'm keeping my patching on a schedule so the only thing fighting to keep me awake is the dread that I COULD have fit that sixth piece of pie down my gullet.

How do I achieve this new nirvana? By automating patching from PDQ Deploy and PDQ Inventory. Remember, the best work is always the work that does itself. 

Get yourself a PDQ Deploy and PDQ Inventory trial — and maybe a little PDQ Connect to show some love to your remote users — and you, too, can take that post-turkey tryptophan nap while guaranteeing your job security.


Jordan Hammond

Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that was something he should talk about on the internet.
