These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:
CVE-2023-21707
· Title: Microsoft Exchange Server Remote Code Execution Vulnerability
· Version: 2.0
· Reason for revision: Updated CVE to announce re-release of security updates. Please see FAQ section for more information.
· Originally released: February 14, 2023
· Last updated: March 9, 2023
· Aggregate CVE Severity Rating: Important
CVE-2023-21808
· Title: .NET and Visual Studio Remote Code Execution Vulnerability
· Version: 4.0
· Reason for revision: In the Security Updates table, added Visual Studio 2013 Update 5 and Visual Studio 2015 Update 3 as they are affected by this vulnerability. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability.
· Originally released: February 14, 2023
· Last updated: June 13, 2023
· Aggregate CVE Severity Rating: Important
CVE-2023-21808
· Title: .NET and Visual Studio Remote Code Execution Vulnerability
· Version: 5.0
· Reason for revision: To address a known issue when after installing the February 14, 2023, security updates for .NET Framework and .NET, users may have experienced issues with how WPF-based applications render XPS documents, Microsoft has released the June 2023 security updates for .NET Framework and for .NET. We recommend that customers install the June 2023 updates. Please note that if you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. To remove either of the workarounds see the instructions for removal in the "Alternative Workaround" section of [KB5022083 Change in how WPF-based applications render XPS documents](https://support.microsoft.com/en-us...ocuments-a4ae4fa4-bc58-4c37-acdd-5eebc4e34556).
· Originally released: February 14, 2023
· Last updated: June 30, 2023
· Aggregate CVE Severity Rating: Important
CVE-2023-21815
· Title: Visual Studio Remote Code Execution Vulnerability
· Version: 1.1
· Reason for revision: Updated one or more CVSS scores for the affected products. This is an informational change only.
· Originally released: February 14, 2023
· Last updated: March 23, 2023
· Aggregate CVE Severity Rating: Critical
CVE-2023-21815
· Title: Visual Studio Remote Code Execution Vulnerability
· Version: 2.0
· Reason for revision: In the Security Updates table, added Visual Studio 2013 Update 5 and Visual Studio 2015 Update 3 as they are affected by this vulnerability. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability.
· Originally released: February 14, 2023
· Last updated: June 13, 2023
· Aggregate CVE Severity Rating: Critical
CVE-2023-23381
· Title: Visual Studio Remote Code Execution Vulnerability
· Version: 1.1
· Reason for revision: Updated one or more CVSS scores for the affected products. This is an informational change only.
· Originally released: February 14, 2023
· Last updated: March 23, 2023
· Aggregate CVE Severity Rating: Critical
CVE-2023-23381
· Title: Visual Studio Remote Code Execution Vulnerability
· Version: 3.0
· Reason for revision: In the Security Updates table, added Visual Studio 2013 Update 5 and Visual Studio 2015 Update 3 as they are affected by this vulnerability. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability.
· Originally released: February 14, 2023
· Last updated: June 13, 2023
· Aggregate CVE Severity Rating: Critical
CVEs have been published or revised in the Security Update Guide June 30, 2023
+63Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.