Tripwire's April 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the patch priority list this month are patches for Microsoft Edge. These patches resolve over 15 vulnerabilities such as spoofing, type confusion, and use after free vulnerabilities.
Up next are 3 patches for Microsoft Office, Word, and Publisher that resolve 4 remote code execution vulnerabilities.
Next are patches for Adobe Acrobat and Reader that resolve 16 vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 60 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, Graphics, PostScript and PCL6 drivers, Point-to-Point tunneling protocol, Secure Channel, RPC, and others.
Up next are patches for Visual Studio, Visual Studio Code, and .NET that resolve remote code execution, elevation of privilege, DLL hijacking, and information disclosure vulnerabilities.
Lastly, administrators should focus on server-side patches for Dynamics,, DHCP Server, DNS, Active Directory, SQL Server, and SharePoint. These patches resolve remote code execution, elevation of privilege, spoofing, cross-site scripting, and information disclosure vulnerabilities.
|
BULLETIN |
CVE |
|
CVE-2023-28284, CVE-2023-24935,CVE-2023-28301,CVE-2023-1823, CVE-2023-1822, CVE-2023-1821, CVE-2023-1820, CVE-2023-1812, CVE-2023-1813, CVE-2023-1810, CVE-2023-1811, CVE-2023-1816, CVE-2023-1817, CVE-2023-1814, CVE-2023-1815, CVE-2023-1818, CVE-2023-1819, CVE-2023-24935 |
|
|
CVE-2023-28295, CVE-2023-28287 |
|
|
CVE-2023-28311 |
|
|
CVE-2023-28285 |
|
|
CVE-2023-26395, CVE-2023-26396, CVE-2023-26397, CVE-2023-26405, CVE-2023-26406, CVE-2023-26407, CVE-2023-26408, CVE-2023-26417, CVE-2023-26418, CVE-2023-26419, CVE-2023-26420, CVE-2023-26421, CVE-2023-26422, CVE-2023-26423, CVE-2023-26424, CVE-2023-26425 |
|
|
CVE-2023-28243, CVE-2023-21729, CVE-2023-21727, CVE-2023-28297, CVE-2023-28268, CVE-2023-28221, CVE-2023-24914, CVE-2023-28274, CVE-2023-28276, CVE-2023-28218, CVE-2023-28226, CVE-2023-28247, CVE-2023-28250, CVE-2023-28240, CVE-2023-24931, CVE-2023-28233, CVE-2023-28238, CVE-2023-24912, CVE-2023-28270, CVE-2023-28235, CVE-2023-28298, CVE-2023-28272, CVE-2023-28248, CVE-2023-28222, CVE-2023-28293, CVE-2023-28253, CVE-2023-28271, CVE-2023-28237, CVE-2023-28227, CVE-2023-28273, CVE-2023-28232, CVE-2023-28246, CVE-2023-28225, CVE-2023-28217, CVE-2023-28220, CVE-2023-28219, CVE-2023-28229, CVE-2023-28269, CVE-2023-28249, CVE-2023-28292, CVE-2023-28291, CVE-2023-28234 |
|
|
CVE-2023-24883, CVE-2023-24928, CVE-2023-24886, CVE-2023-24926, CVE-2023-24884, CVE-2023-24927, CVE-2023-24924, CVE-2023-24925, CVE-2023-24885, CVE-2023-24887, CVE-2023-24929, CVE-2023-28244, CVE-2023-28241, CVE-2023-21769, CVE-2023-21554, CVE-2023-28224, CVE-2023-24860, CVE-2023-28216, CVE-2023-28236, CVE-2023-28267, CVE-2023-28228, CVE-2023-28252, CVE-2023-28266 |
|
|
CVE-2023-28262, CVE-2023-28263, CVE-2023-28296, CVE-2023-28299, CVE-2023-24893 |
|
|
CVE-2023-28260 |
|
|
CVE-2023-28309, CVE-2023-28314 |
|
|
CVE-2023-28231 |
|
|
CVE-2023-28223, CVE-2023-28277, CVE-2023-28278, CVE-2023-28306, CVE-2023-28307, CVE-2023-28305, CVE-2023-28308, CVE-2023-28254, CVE-2023-28255, CVE-2023-28256 |
|
|
CVE-2023-28302 |
|
|
CVE-2023-28304, CVE-2023-23375, CVE-2023-23384, CVE-2023-28275 |
|
|
CVE-2023-28288 |
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.
