Skip to content
BLOG

Patch Tuesday October 2023

Jordan Hammond fun headshot
Jordan Hammond|October 10, 2023
Patch Tuesday October 2023
Patch Tuesday October 2023
Sections

You know what's awesome about this month? No matter how bad it is, you know it can’t be worse than the horrors we saw with WebP. 

While that's true, if you’re hoping this Patch Tuesday is a magic cure for your concerns ... I have some bad news. There won't be a Windows patch to make that one go away. 

Every sysadmin who uses applications that rely on libwebp needs to update the software to the latest version. To keep yourself safe on this one, you need to update them all. In other words, if you see updates for your software come through, get to patching! Or get yourself a dependency scanner. 

Enough of the old terror — let’s look at the new terror! 

  • Total exploits patched: 104 

  • Critical patches: 12 

  • Already known or exploited: 5 

It feels like Microsoft has taken it personally that some zero-day stole its thunder. It came in real strong this time around. Two of the critical patches are rated at a 9.8 CVSS, which is juuust below zero-day level. 

Let’s take a look at some of the highlights. 

Some highlights (or lowlights) 

  • CVE-2023-35349: It looks like our old friend Microsoft Message Queuing is back. This year has been its time to shine for exploits! This is a remote code execution (RCE) that requires no privileges or user interaction to implement. The only reason this is not a full 10 on the CVSS score is it requires an uncommon setting to be at risk. With that in mind, if you have a server running this service and listening on port 1801, you need to fix it immediately. 

  • CVE-2023-36434: This 9.8 privilege escalation vulnerability impacts Windows IIS service. While this one is a 9.8, it is also listed as important instead of critical because the exploit is for brute force, which makes exploitation less likely than usual. 

  • CVE-2023-41763: Our last lowlight is an elevation of privilege exploit for Skype. It is a lower threat score at 5.4, but threat actors are already exploiting it. This vulnerability allows an attacker to get critical information, like actively used IP addresses and ports, to help in future attacks. 

Wrapping up 

See? We don’t need some zero-day to make us feel dread. Patch Tuesday can bring up new and fresh dread on a schedule. 

I, for one, love to have my crises on a schedule. It makes it easier to plan out my day. Taking it a step further, add in some automation to the known schedule, and you can have the dread take hold, resolve itself, and then go away — all without needing to take a break from my sun tanning. 

Get yourself a PDQ Deploy and PDQ Inventory — and maybe a little PDQ Connect to show some love to your remote users — and you, too, can maintain that summer glow while guaranteeing your job security.

Loading...

Jordan Hammond fun headshot
Jordan Hammond

Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that is something he should talk about on the internet.

Related articles

Illustration of computer with shield and lock that represents security

How to read a vulnerability scan report

SECURITY

Security green

What is attack surface management?

SECURITY

Illustration that shows logo of PDQ Connect

PDQ Connect announces custom fields

PRODUCT