Patch verification about particular vulnerability on virtual machine

Varma 635 Reputation points
2024-01-30T17:19:14.57+00:00

Is this patch: https://support.microsoft.com/kb/5028171 resolves below vulnerability? Microsoft CVE-2023-36874: Windows Error Reporting Service Elevation of Privilege Vulnerability and second question, how to know whether above patch is installed on Virtual machine?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,786 questions
Azure Update Manager
Azure Update Manager
An Azure service to centrally manages updates and compliance at scale.
185 questions
{count} votes

Accepted answer
  1. kobulloc-MSFT 21,836 Reputation points Microsoft Employee
    2024-02-01T19:47:53.4466667+00:00

    Hello, @Varma !

    How do I resolve Microsoft CVE-2023-36874: Windows Error Reporting Service Elevation of Privilege Vulnerability on my VM?

    The Microsoft Security Response Center (MSRC) provides guidance on what KB/update (article) is needed to resolve the vulnerability. KB5028171 addresses the vulnerability for Windows Server 2022 and Windows Server 2022 (Server Core installation). For a full list, go to the MSRC page:

    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874https://msrc.microsoft.com/vulnerability/CVE-2023-36874 User's image

    How do I know if an update has been applied to my VM?

    You can check updates to your VM using Update Manager which can be accessed in a variety of ways: https://learn.microsoft.com/en-us/azure/update-manager/view-updates?tabs=singlevm-home%2Cat-scale-overview

    For a single, selected VM:

    Select your virtual machine to open the Virtual machines | Updates page. Under Operations, select Updates. On the Updates pane, select Go to Updates using Update Manager.

    Screenshot that shows selection of updates from the home page.

    On the Updates page, select Check for updates. In Trigger assess now, select OK. An assessment is performed and a notification says Assessment is in progress. After the assessment, you see Assessment successful or Assessment failed.

    Screenshot that shows the status after checking updates.

    For more information, see Update assessment scan.


    I hope this has been helpful! Your feedback is important so please take a moment to accept answers.

    If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!

    User's image

    0 comments No comments

0 additional answers

Sort by: Most helpful