Share via

Curl vulnerability CVE-2023-38545

A.Elrayes 186 Reputation points
2023-11-19T09:26:50.5733333+00:00

Hi Team,

We have noticed a vulnerability in Curl according to https://curl.se/docs/CVE-2023-38545.html

After research, I found a link includes an update released in 14 Nov,2033 to update Curl to the latest 8.4.0 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-38545

But I didn't find the KB number for Curl fix for windows server.

I appreciate your support.

Thanks,

Alaa Elrayes

Windows for business Windows Server User experience Other
0 comments
Accepted answer
  1. Anonymous
    2023-11-21T07:11:26.7033333+00:00

    Hello A.Elrayes

    The update containing 8.4.0 has been released.

    For Windows server 2019, the patch is KB5032196.You can download it fromhttps://www.catalog.update.microsoft.com/home.aspx

    User's image

    More details please refer to this link: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-38545

    Best Regards,

    Hania Lian

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Erik Moreau 981 Reputation points MVP Volunteer Moderator
    2023-11-19T16:56:31.7033333+00:00

    Hi A.Elrayes,

    The update containing 8.4.0 is not released yet, for now there's only the workarounds noted in the article

    "Microsoft is fully aware of this issue and is actively working to release version 8.4.0 of curl.exe in a future Windows update for currently supported, on-premise versions of Windows clients and servers."
    ref: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-38545

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.