PHL Tech Magazine

Post: Critical updates for Microsoft Office and Visual Studio drive September’s Patch Tuesday

coder_prem

coder_prem

Hi, I'm Prem. I'm professional WordPress Web Developer. I developed this website. And writing articles about Finance, Startup, Business, Marketing and Tech is my hobby.
Hope you will always get informative articles which will help you to startup your business.
If you need any kind of wordpress website then feel free to contact me at webexpertprem@gmail.com

Categories


Microsoft released 59 updates in its September Patch Tuesday release, with critical patches for Microsoft Office and Visual Studio, and  continued the trend of including non-Microsoft applications in its update cycle. (Notepad++ is a notable addition, with Autodesk returning with a revised bulletin.) We’ve made “Patch Now” recommendations for Microsoft development platforms (Visual Studio) and Microsoft Word.

Unfortunately, updates for Microsoft Exchange Server have also returned, requiring server reboots this time, too.

The team at Readiness has created this infographic outlining the risks associated with each of the September updates.

Known issues

Each month, Microsoft includes a list of known issues that relate to the operating system and platforms included in the latest update cycle:

  • After installing this update on guest virtual machines (VMs) running Windows Server 2022 on some versions of VMware ESXi, Windows Server 2022 might not start up. VMWare has published an article (KB90947) on how to resolve the issue.
  • New security enhancements in SharePoint Server (2019) might prevent custom .aspx files from being displayed under certain circumstances. Browsing to such a page generates a “92liq” event tag in SharePoint Unified Logging System (ULS) logs.

Major revisions

Microsoft published the following major revisions this month:

  • CVE-2023-41303: Use-after-free vulnerability in Autodesk® FBX® SDK 2020. This is an information update (note that this third-party application update does not have an updated release log — naughty Microsoft). No further action required.
  • CVE-2023-20569 Return Address Predictor. The affected products table has been updated to include Azure Virtual Machines, as customers who use custom maintenance controls are affected by CVE-2023-20569 and are required to take action to protect their resources.
  • CVE-2023-21709, CVE-2023-35368, CVE-2023-35388, CVE-2023-38185, CVE-2023-38181 and CVE-2023-38182: Microsoft Exchange Server Elevation of Privilege Vulnerability. The known issue affecting the non-English August updates of Exchange Server has been resolved. Microsoft recommends installing the updated packages as soon as possible.

And it looks as if Microsoft “missed” a CVE last month — CVE-2023-36769 for OneNote, which has now been updated and included in this month’s updates.

Copyright © 2023 IDG Communications, Inc.

Lora Helmin

Lora Helmin

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Popular Posts

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.