Microsoft July 2023 Security Updates

July 2023 Security Updates Updates this MonthThis release consists of the following 130 CVEs and 2 Advisories:Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? **Mitigations?**Windows Certificates ADV230001Windows EFI Partition ADV230002Windows Netlogon CVE-2023-21526Microsoft Graphics Component CVE-2023-21756Windows Admin Center CVE-2023-29347Windows Cluster Server CVE-2023-32033Windows Remote Procedure Call CVE-2023-32034Windows Remote Procedure Call CVE-2023-32035Windows Layer 2 Tunneling Protocol CVE-2023-32037Windows ODBC Driver CVE-2023-32038Microsoft Printer Drivers CVE-2023-32039Microsoft Printer Drivers CVE-2023-32040Windows Update Orchestrator Service CVE-2023-32041Windows OLE CVE-2023-32042Windows Remote Desktop CVE-2023-32043Windows Message Queuing CVE-2023-32044Windows Message Queuing CVE-2023-32045Windows MSHTML Platform CVE-2023-32046Paint 3D CVE-2023-32047Windows SmartScreen CVE-2023-32049Windows Installer CVE-2023-32050Microsoft Windows Codecs Library CVE-2023-32051Microsoft Power Apps CVE-2023-32052Windows Installer CVE-2023-32053Windows Volume Shadow Copy CVE-2023-32054Windows Active Template Library CVE-2023-32055Windows Server Update Service CVE-2023-32056Windows Message Queuing CVE-2023-32057Windows Failover Cluster CVE-2023-32083Windows HTTP.sys CVE-2023-32084Microsoft Printer Drivers CVE-2023-32085.NET and Visual Studio CVE-2023-33127Microsoft Office SharePoint CVE-2023-33134Microsoft Office CVE-2023-33148Microsoft Graphics Component CVE-2023-33149Microsoft Office CVE-2023-33150Microsoft Office Outlook CVE-2023-33151Microsoft Office Access CVE-2023-33152Microsoft Office Outlook CVE-2023-33153Windows Partition Management Driver CVE-2023-33154Windows Cloud Files Mini Filter Driver CVE-2023-33155Windows Defender CVE-2023-33156Microsoft Office SharePoint CVE-2023-33157Microsoft Office Excel CVE-2023-33158Microsoft Office SharePoint CVE-2023-33159Microsoft Office SharePoint CVE-2023-33160Microsoft Office Excel CVE-2023-33161Microsoft Office Excel CVE-2023-33162Windows Network Load Balancing CVE-2023-33163Windows Remote Procedure Call CVE-2023-33164Microsoft Office SharePoint CVE-2023-33165Windows Remote Procedure Call CVE-2023-33166Windows Remote Procedure Call CVE-2023-33167Windows Remote Procedure Call CVE-2023-33168Windows Remote Procedure Call CVE-2023-33169ASP.NET and .NET CVE-2023-33170Microsoft Dynamics CVE-2023-33171Windows Remote Procedure Call CVE-2023-33172Windows Remote Procedure Call CVE-2023-33173Windows Cryptographic Services CVE-2023-33174Microsoft Printer Drivers CVE-2023-35296Windows PGM CVE-2023-35297Windows HTTP.sys CVE-2023-35298Windows Common Log File System Driver CVE-2023-35299Windows Remote Procedure Call CVE-2023-35300Microsoft Printer Drivers CVE-2023-35302Microsoft Windows Codecs Library CVE-2023-35303Windows Kernel CVE-2023-35304Windows Kernel CVE-2023-35305Microsoft Printer Drivers CVE-2023-35306Windows MSHTML Platform CVE-2023-35308Windows Message Queuing CVE-2023-35309Role: DNS Server CVE-2023-35310Microsoft Office Outlook CVE-2023-35311Windows VOLSNAP.SYS CVE-2023-35312Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2023-35313Windows Remote Procedure Call CVE-2023-35314Windows Layer-2 Bridge Network Driver CVE-2023-35315Windows Remote Procedure Call CVE-2023-35316Windows Server Update Service CVE-2023-35317Windows Remote Procedure Call CVE-2023-35318Windows Remote Procedure Call CVE-2023-35319Windows Connected User Experiences and Telemetry CVE-2023-35320Windows Deployment Services CVE-2023-35321Windows Deployment Services CVE-2023-35322Windows Online Certificate Status Protocol (OCSP) SnapIn CVE-2023-35323Microsoft Printer Drivers CVE-2023-35324Windows Print Spooler Components CVE-2023-35325Windows CDP User Components CVE-2023-35326Windows Transaction Manager CVE-2023-35328Windows Authentication Methods CVE-2023-35329Windows SPNEGO Extended Negotiation CVE-2023-35330Windows Local Security Authority (LSA) CVE-2023-35331Windows Remote Desktop CVE-2023-35332Microsoft Media-Wiki Extensions CVE-2023-35333Microsoft Dynamics CVE-2023-35335Windows MSHTML Platform CVE-2023-35336Windows Win32K CVE-2023-35337Windows Peer Name Resolution Protocol CVE-2023-35338Windows CryptoAPI CVE-2023-35339Windows CNG Key Isolation Service CVE-2023-35340Windows Media CVE-2023-35341Windows Image Acquisition CVE-2023-35342Windows Geolocation Service CVE-2023-35343Role: DNS Server CVE-2023-35344Role: DNS Server CVE-2023-35345Role: DNS Server CVE-2023-35346Windows App Store CVE-2023-35347Azure Active Directory CVE-2023-35348Windows Active Directory Certificate Services CVE-2023-35350Windows Active Directory Certificate Services CVE-2023-35351Windows Remote Desktop CVE-2023-35352Windows Connected User Experiences and Telemetry CVE-2023-35353Windows Kernel CVE-2023-35356Windows Kernel CVE-2023-35357Windows Kernel CVE-2023-35358Windows NT OS Kernel CVE-2023-35360Windows NT OS Kernel CVE-2023-35361Windows Clip Service CVE-2023-35362Windows Kernel CVE-2023-35363Windows NT OS Kernel CVE-2023-35364Windows Routing and Remote Access Service (RRAS) CVE-2023-35365Windows Routing and Remote Access Service (RRAS) CVE-2023-35366Windows Routing and Remote Access Service (RRAS) CVE-2023-35367Mono Authenticode CVE-2023-35373Paint 3D CVE-2023-35374Visual Studio Code CVE-2023-36867Service Fabric CVE-2023-36868Azure Active Directory CVE-2023-36871Microsoft Windows Codecs Library CVE-2023-36872Windows Error Reporting CVE-2023-36874Microsoft Office CVE-2023-36884Security Update Guide Blog Posts****Date Blog PostJanuary 11, 2022 Coming Soon: New Security Update Guide Notification SystemFebruary 9, 2021 Continuing to Listen: Good News about the Security Update Guide APIJanuary 13, 2021 Security Update Guide Supports CVEs Assigned by Industry PartnersDecember 8, 2020 Security Update Guide: Let’s keep the conversation goingNovember 9, 2020 Vulnerability Descriptions in the New Version of the Security Update GuideRelevant Resources

• The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Known IssuesYou can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).KB Article Applies To5028166 Windows 10, version 21H2 and Windows 10, version 22H25028168 Windows 10, version 1809, Windows Server 20195028171 Windows Server 20225028182 Windows 11, version 21H25028185 Windows 11, version 22H25028222 Windows Server 2008 (Monthly Rollup)5028224 Windows Server 2008 R2 (Security-only update)5028226 Windows Server 2008 (Security-only update)5028240 Windows Server 2008 R2 (Monthly Rollup)Released: Jul 11, 2023July 2023 Security Updates - Release Notes - Security Update Guide - Microsoft