The Patch Report for November 2023
#ThePatchReport #ZeroDayInitiative #0day
Welcome to the November 2023 edition of the Patch Report – our brief look into the latest security updates from Microsoft, Adobe, and beyond. It’s a huge release from Adobe, and there are three new Microsoft 0-days to cover. And sadly, an Exchange patch as well.
You can read the full patch blog at:
https://www.zerodayinitiative.com/blog/2023/11/14/the-november-2023-security-update-review
00:00 Introduction
00:38 Largest Adobe patch in a while
00:53 17 CVEs in Acrobat and Reader
01:01 3 Critical Cold Fusion bugs
01:32 Microsoft patches
01:46 Windows DWM 0-day
02:14 Windows Cloud Mini Filter 0-day
02:34 SmartScreen SFB 0-day
03:15 Windows PGM remote code execution
04:16 Addition to the table calling out extra steps for patching
04:46 Other critical-rated bugs
05:17 Exchange – Again
https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-serialization-payload-sign?view=exchserver-2019#november-2023-su
06:24 Blazor forum SFB
06:50 Extra steps needed with the Open Management Infrastructure patch
07:33 Wrap up and feedback
by Zero Day Initiative
windows server dhcp
Love the fact you're now calling out where extra steps are required.