                                                   JPCERT-AT-2023-0011
                                                             JPCERT/CC
                                                            2023-07-12

                 <<< JPCERT/CC Alert 2023-07-12 >>>

            Microsoft Releases July 2023 Security Updates

       https://www.jpcert.or.jp/english/at/2023/at230011.html


I. Overview
Microsoft has released July 2023 Security Updates to address the
vulnerabilities in their products. Remote attackers leveraging
these vulnerabilities may be able to execute arbitrary code. It is
recommended to check the information provided by Microsoft and
apply the updates.

    Microsoft Corporation
    July 2023 Security Updates
    https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-Jul

    Microsoft Corporation
    Microsoft Security Updates for July 2023 (Monthly) (Japanese)
    https://msrc.microsoft.com/blog/2023/07/202307-security-update/

According to Microsoft, among these vulnerabilities, the following
vulnerabilities have been confirmed to be exploited in the wild. Please
consider applying the security update programs by referring to the
information provided by Microsoft.

    CVE-2023-32046
    Windows MSHTML Platform Elevation of Privilege Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046

    CVE-2023-32049
    Windows SmartScreen Security Feature Bypass Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049

    CVE-2023-35311
    Microsoft Outlook Security Feature Bypass Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311

    CVE-2023-36874
    Windows Error Reporting Service Elevation of Privilege Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874

    CVE-2023-36884
    Office and Windows HTML Remote Code Execution Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884

Regarding the vulnerability (CVE-2023-36884) that affects Windows and
Office, Microsoft has published a blog about the attack that had
exploited this vulnerability. The vulnerability was exploited in June
in attacks targeting defense and government entities in Europe and
North America. At the time of publication of this information, an update
to fix the vulnerability has not been provided, and information on
mitigation measures has been published.

    Microsoft
    Storm-0978 attacks reveal financial and espionage motives
    https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/


II. Solution
Please apply the security update programs through Microsoft Update,
Windows Update, etc. as soon as possible.

    Microsoft Update Catalog
    https://www.catalog.update.microsoft.com/

    Windows Update: FAQ
    https://support.microsoft.com/en-us/help/12373/windows-update-faq


III. References
    Microsoft Corporation
    Release Notes
    https://msrc.microsoft.com/update-guide/releaseNote

    ADV230001
    Guidance on Microsoft Signed Drivers Being Used Maliciously
    https://msrc.microsoft.com/update-guide/vulnerability/ADV230001


If you have any information regarding this alert, please contact
JPCERT/CC.

======================================================================
JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/