Tripwire's January 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the patch priority list this month are patches for Microsoft Visio and Microsoft Office that resolve 6 vulnerabilities, including remote code execution and information disclosure vulnerabilities.
Next are patches for Adobe Reader and Acrobat that 15 vulnerabilities, including arbitrary code execution, memory leak, denial-of-service, and elevation of privilege vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 60 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, Graphics, Bluetooth Driver, Error Reporting, Error Tracing, ODBC Driver, DWM Core, SMB Witness Service, L2TP, and others.
Next are patches for .NET and Visual Studio Code that resolves remove code execution and denial-of-service vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint and Exchange. These patches resolve remote code execution, elevation of privilege, spoofing, and information disclosure vulnerabilities
|
BULLETIN |
CVE |
|
CVE-2023-21741, CVE-2023-21736, CVE-2023-21737, CVE-2023-21738 |
|
|
CVE-2023-21734, CVE-2023-21735 |
|
|
CVE-2023-21579, CVE-2023-21581, CVE-2023-21585, CVE-2023-21586, CVE-2023-21604, CVE-2023-21605, CVE-2023-21606, CVE-2023-21607, CVE-2023-21608, CVE-2023-21609, CVE-2023-21610, CVE-2023-21611, CVE-2023-21612, CVE-2023-21613, CVE-2023-21614 |
|
|
CVE-2023-21677, CVE-2023-21683, CVE-2023-21758, CVE-2023-21754, CVE-2023-21548, CVE-2023-21535, CVE-2023-21525, CVE-2023-21746, CVE-2023-21728, CVE-2023-21561, CVE2023-21551, CVE-2023-21730, CVE-2023-21559, CVE-2023-21550, CVE-2023-21540, CVE-2023-21771, CVE-2023-21542, CVE-2023-21547, CVE-2023-21768, CVE-2023-21557, CVE-2023-21676, CVE-2023-21541, CVE-2023-21552, CVE-2023-21532, CVE-2023-21680, CVE-2023-21536, CVE-2023-21558 |
|
|
CVE-2023-21753, CVE-2023-21755, CVE-2023-21739, CVE-2023-21682, CVE-2023-21732, CVE-2023-21724, CVE-2023-21549, CVE-2023-21733, CVE-2023-21527, CVE-2023-21524, CVE-2023-21679, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543, CVE-2023-21546, CVE-2023-21757, CVE-2023-21681, CVE-2023-21767, CVE-2023-21766, CVE-2023-21726, CVE-2023-21560, CVE-2023-21752, CVE-2023-21539, CVE-2023-21749, CVE-2023-21748, CVE-2023-21747, CVE-2023-21774, CVE-2023-21772, CVE-2023-21773, CVE-2023-21675, CVE-2023-21750, CVE-2023-21776, CVE-2023-21537, CVE-2023-21678, CVE-2023-21760, CVE-2023-21765, CVE-2023-21725, CVE-2023-21563, CVE-2023-21759, CVE-2023-21674 |
|
|
CVE-2023-21538 |
|
|
CVE-2023-21779 |
|
|
CVE-2023-21763, CVE-2023-21764, CVE-2023-21761, CVE-2023-21745, CVE-2023-21762 |
|
|
CVE-2023-21742, CVE-2023-21744, CVE-2023-21743 |
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.
