Today is Microsoft’s November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
While fourteen remote code execution (RCE) bugs were fixed, Microsoft only rated one as critical. The three critical flaws fixed today are an Azure information disclosure bug, an RCE in Windows Internet Connection Sharing (ICS), and a Hyper-V escape flaw that allows the executions of programs on the host with SYSTEM privileges.
The number of bugs in each vulnerability category is listed below:
- 16 Elevation of Privilege Vulnerabilities
- 6 Security Feature Bypass Vulnerabilities
- 15 Remote Code Execution Vulnerabilities
- 6 Information Disclosure Vulnerabilities
- 5 Denial of Service Vulnerabilities
- 11 Spoofing Vulnerabilities
The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.