                                                   JPCERT-AT-2023-0016
                                                             JPCERT/CC
                                                            2023-08-09

                 <<< JPCERT/CC Alert 2023-08-09 >>>

            Microsoft Releases August 2023 Security Updates

       https://www.jpcert.or.jp/english/at/2023/at230016.html


I. Overview
Microsoft has released August 2023 Security Updates to address the
vulnerabilities in their products. Remote attackers leveraging
these vulnerabilities may be able to execute arbitrary code. It is
recommended to check the information provided by Microsoft and
apply the updates.

    Microsoft Corporation
    August 2023 Security Updates
    https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-Aug

    Microsoft Corporation
    Microsoft Security Updates for August 2023 (Monthly) (Japanese)
    https://msrc.microsoft.com/blog/2023/08/202308-security-update/

According to Microsoft, among the vulnerabilities, the following
vulnerability have been confirmed to be exploited in the wild. Please
consider applying the security update programs by referring to the
information provided by Microsoft.

    CVE-2023-38180
    .NET and Visual Studio Denial of Service Vulnerability
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180

In addition, an update for Microsoft Office (ADV230003) has been
released that provides enhanced security as a defense in depth measure.
Installing this update stops the attack chain leading to the Windows
Search Remote Code Execution Vulnerability (CVE-2023-36884).

    ADV230003
    Microsoft Office Defense in Depth Update
    https://msrc.microsoft.com/update-guide/vulnerability/ADV230003


II. Solution
Please apply the security update programs through Microsoft Update,
Windows Update, etc. as soon as possible.

    Microsoft Update Catalog
    https://www.catalog.update.microsoft.com/

    Windows Update: FAQ
    https://support.microsoft.com/en-us/help/12373/windows-update-faq


III. References
    Microsoft Corporation
    Release Notes
    https://msrc.microsoft.com/update-guide/releaseNote

    Microsoft The Exchange Team
    Released: August 2023 Exchange Server Security Updates
    https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2023-exchange-server-security-updates/ba-p/3892811


If you have any information regarding this alert, please contact
JPCERT/CC.

======================================================================
JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/