Microsoft on Tuesday released patches for 57 vulnerabilities, including 31 for Windows. Eleven other product groups are also affected. Of the 57 CVEs addressed, just 3 are considered Critical in severity; 2 of those are in Windows, while the third falls in Azure. One CVE, an Important-severity elevation-of-privilege issue (CVE-2023-36049), affects both .NET and Visual Studio; another Important-severity EoP affects .NET, Visual Studio, and also ASP.NET.
At press time, three Windows issues are known to be under exploit in the wild. (Or, depending on how you count these things, there are four, as we’ll discuss in the Notable November Updates section below.) An additional 10 vulnerabilities in Windows, Exchange, Office, and SharePoint are by the company’s estimation more likely to…
Source link