Microsoft October 2023 Security Updates
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
October 2023 Security Updates **This release consists of the following 103 Microsoft CVEs:**Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? **Mitigations?**Windows RDP CVE-2023-29348Windows Message Queuing CVE-2023-35349Azure SDK CVE-2023-36414Azure SDK CVE-2023-36415Microsoft Dynamics CVE-2023-36416SQL Server CVE-2023-36417Azure Real Time Operating System CVE-2023-36418Azure CVE-2023-36419SQL Server CVE-2023-36420Microsoft Dynamics CVE-2023-36429Windows Message Queuing CVE-2023-36431Microsoft Dynamics CVE-2023-36433Windows IIS CVE-2023-36434Microsoft QUIC CVE-2023-36435Windows HTML Platform CVE-2023-36436Windows TCP/IP CVE-2023-36438Windows HTML Platform CVE-2023-36557Azure DevOps CVE-2023-36561Microsoft WordPad CVE-2023-36563Microsoft Windows Search Component CVE-2023-36564Microsoft Office CVE-2023-36565Microsoft Common Data Model SDK CVE-2023-36566Windows Deployment Services CVE-2023-36567Microsoft Office CVE-2023-36568Microsoft Office CVE-2023-36569Windows Message Queuing CVE-2023-36570Windows Message Queuing CVE-2023-36571Windows Message Queuing CVE-2023-36572Windows Message Queuing CVE-2023-36573Windows Message Queuing CVE-2023-36574Windows Message Queuing CVE-2023-36575Windows Kernel CVE-2023-36576Microsoft WDAC OLE DB provider for SQL CVE-2023-36577Windows Message Queuing CVE-2023-36578Windows Message Queuing CVE-2023-36579Windows Message Queuing CVE-2023-36581Windows Message Queuing CVE-2023-36582Windows Message Queuing CVE-2023-36583Windows Mark of the Web (MOTW) CVE-2023-36584Windows Active Template Library CVE-2023-36585Windows Message Queuing CVE-2023-36589Windows Message Queuing CVE-2023-36590Windows Message Queuing CVE-2023-36591Windows Message Queuing CVE-2023-36592Windows Message Queuing CVE-2023-36593Microsoft Graphics Component CVE-2023-36594Windows Remote Procedure Call CVE-2023-36596SQL Server CVE-2023-36598Windows TCP/IP CVE-2023-36602Windows TCP/IP CVE-2023-36603Windows Named Pipe File System CVE-2023-36605Windows Message Queuing CVE-2023-36606Windows Message Queuing CVE-2023-36697Windows Kernel CVE-2023-36698Windows Resilient File System (ReFS) CVE-2023-36701Windows Microsoft DirectMusic CVE-2023-36702Windows DHCP Server CVE-2023-36703Windows Setup Files Cleanup CVE-2023-36704Windows Deployment Services CVE-2023-36706Windows Deployment Services CVE-2023-36707Windows AllJoyn API CVE-2023-36709Microsoft Windows Media Foundation CVE-2023-36710Windows Runtime C++ Template Library CVE-2023-36711Windows Kernel CVE-2023-36712Windows Common Log File System Driver CVE-2023-36713Windows TPM CVE-2023-36717Windows Virtual Trusted Platform Module CVE-2023-36718Windows Mixed Reality Developer Tools CVE-2023-36720Windows Error Reporting CVE-2023-36721Active Directory Domain Services CVE-2023-36722Windows Container Manager Service CVE-2023-36723Windows Power Management Service CVE-2023-36724Windows NT OS Kernel CVE-2023-36725Windows IKE Extension CVE-2023-36726SQL Server CVE-2023-36728Windows Named Pipe File System CVE-2023-36729SQL Server CVE-2023-36730Windows Win32K CVE-2023-36731Windows Win32K CVE-2023-36732Azure CVE-2023-36737 7Windows Win32K CVE-2023-36743Windows Win32K CVE-2023-36776Microsoft Exchange Server CVE-2023-36778Skype for Business CVE-2023-36780SQL Server CVE-2023-36785Skype for Business CVE-2023-36786Skype for Business CVE-2023-36789Windows RDP CVE-2023-36790Windows Client/Server Runtime Subsystem CVE-2023-36902Microsoft Graphics Component CVE-2023-38159Windows Layer 2 Tunneling Protocol CVE-2023-38166Microsoft QUIC CVE-2023-38171Skype for Business CVE-2023-41763Windows Layer 2 Tunneling Protocol CVE-2023-41765Client Server Run-time Subsystem (CSRSS) CVE-2023-41766Windows Layer 2 Tunneling Protocol CVE-2023-41767Windows Layer 2 Tunneling Protocol CVE-2023-41768Windows Layer 2 Tunneling Protocol CVE-2023-41769Windows Layer 2 Tunneling Protocol CVE-2023-41770Windows Layer 2 Tunneling Protocol CVE-2023-41771Windows Win32K CVE-2023-41772Windows Layer 2 Tunneling Protocol CVE-2023-41773Windows Layer 2 Tunneling Protocol CVE-2023-41774**We are republising 2 non-Microsoft CVEs:**CNA Tag CVE FAQs? Workarounds? **Mitigations?**MITRE Corporation HTTP/2 CVE-2023-44487Chrome Microsoft Edge (Chromium-based) CVE-2023-5346Security Update Guide Blog Posts****Date Blog PostOctober 12, 2022 Improvements in Security Update Notifications Delivery - And a New Delivery MethodJanuary 11, 2022 Coming Soon: New Security Update Guide Notification SystemFebruary 9, 2021 Continuing to Listen: Good News about the Security Update Guide APIJanuary 13, 2021 Security Update Guide Supports CVEs Assigned by Industry PartnersDecember 8, 2020 Security Update Guide: Let’s keep the conversation goingNovember 9, 2020 Vulnerability Descriptions in the New Version of the Security Update GuideRelevant Resources
- The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
- Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
- Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
- A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
- In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
- Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
Known IssuesYou can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).KB Article Applies To5031364 Windows Server 20225031408 Windows Server 2008 R2 (Monthly Rollup)5031411 Windows Server 2008 (Security-only update)5031416 Windows Server 2008 (Monthly Rollup)5031441 Windows Server 2008 R2 (Security-only update)Released: Oct 10, 2023October 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
Windows for home | Windows 11 | Windows update
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
{count} votes
2 answers
Sort by: Most helpful
-
Deleted
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
-
Deleted
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more