Microsoft rolls out August Patch Tuesday updates for Windows 11 and 10, addressing 87 security flaws

Microsoft has released its August Patch Tuesday 2023 for Windows 11 and Windows 10. The updates, tagged as KB5029253 for Windows 11 version 22H2 and KB5029244 for Windows 10 21H2 and 22H2, address a total of 87 security flaws, including two that are currently being exploited and 23 remote code execution vulnerabilities, with 6 of them rated as Critical.

Among the flaws addressed in these updates are two zero-day vulnerabilities. For the first one, Microsoft has released an Office Defense in Depth update to fix a patch bypass of the CVE-2023-36884 remote code execution flaw. This allowed threat actors to bypass the Mark of the Web (MoTW) security feature with specially crafted Microsoft Office documents, enabling remote code execution without a security warning. The other one is the CVE-2023-38180, it’s actively exploited and can initiate a DoS attack on .NET applications and Visual Studio. At this time, Microsoft has not provided any additional details on how this flaw was utilized in attacks.