Microsoft Releases December 2023 Patch Tuesday Updates for Windows 11 and 10
Key Takeaways:
- Microsoft has released the December 2023 Patch Tuesday updates to fix 33 vulnerabilities in Windows 11 and Windows 10.
- The KB5033375 update brings enhancements for Windows 11 23H2 and 22H2, allowing users to access the Copilot AI assistant across multiple monitors.
- Microsoft announced the public rollout of Copilot on non-managed Windows 10 devices.
Microsoft released its monthly Patch Tuesday updates for Windows 11 and Windows 10 yesterday. The company rolled out 33 new patches to fix several vulnerabilities in Windows, Microsoft Office, Windows Defender, and other components.
The December Patch Tuesday release is usually small, and this month follows suit with fewer security patches compared to recent months. On the quality and experience updates front, Microsoft has introduced a couple of enhancements for Windows 10 and Windows 11 versions 23H2 and 22H2.
33 vulnerabilities fixed in the December 2023 Patch Tuesday updates
This month, Microsoft addressed a total of 33 vulnerabilities, four of which were deemed Critical. Additionally, there are 29 security flaws rated as “Important” in terms of severity. Here’s a list of the most notable vulnerabilities Microsoft addressed in December:
- CVE-2023-35628: This is a critical remote code execution flaw in the Windows MSHTML platform. The bug has a severity rating of out of 10 on the CVSS scale. Threat actors could exploit this vulnerability by sending a specially crafted email and tricking the user to click on the malicious link.
- CVE-2023-20588: The speculative leaks vulnerability affects some AMD processors, and it was first disclosed in August. The proof-of-concept is already available, but the hacker would need local access to exploit the vulnerability on Windows PCs.
- CVE-2023-35641 and CVE-2023-35630: Both critical remote code execution flaws affect the Internet Connection Sharing (ICS) feature in Windows. The feature allows users to share their internet connection with other computers on the same local area network (LAN). Attackers could exploit CVE-2023-3541 by sending a specially crafted DHCP message to a server running Internet Connection Sharing. Meanwhile, CVE-2023-35630 can be exploited by modifying a setting in the DHCPv6 message structure.
- CVE-2023-35636: This is an information disclosure flaw in Microsoft Outlook. The vulnerability could expose NTLM hashes that might be used to impersonate other users and penetrate the corporate network.
You can find the full list of CVEs addressed in the December 2023 Patch Tuesday Updates below:
| Product | Impact | Max Severity | Article | Details |
| Dynamics 365 for Finance and Operations Platform Update 60 | Denial of Service | Important | Release Notes | CVE-2023-35621 |
| Windows Server 2012 R2 (Server Core installation) | Spoofing | Important | 5033420 | CVE-2023-35622 |
| Windows Server 2012 R2 | Spoofing | Important | 5033420 | CVE-2023-35622 |
| Windows Server 2012 (Server Core installation) | Spoofing | Important | 5033429 | CVE-2023-35622 |
| Windows Server 2012 | Spoofing | Important | 5033429 | CVE-2023-35622 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Spoofing | Important | 5033433 | CVE-2023-35622 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Spoofing | Important | 5033424 | CVE-2023-35622 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Spoofing | Important | 5033433 | CVE-2023-35622 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Spoofing | Important | 5033424 | CVE-2023-35622 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Spoofing | Important | 5033422 | CVE-2023-35622 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Spoofing | Important | 5033427 | CVE-2023-35622 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Spoofing | Important | 5033422 | CVE-2023-35622 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Spoofing | Important | 5033427 | CVE-2023-35622 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Spoofing | Important | 5033422 | CVE-2023-35622 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Spoofing | Important | 5033427 | CVE-2023-35622 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Spoofing | Important | 5033422 | CVE-2023-35622 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Spoofing | Important | 5033427 | CVE-2023-35622 |
| Windows Server 2016 (Server Core installation) | Spoofing | Important | 5033373 | CVE-2023-35622 |
| Windows Server 2016 | Spoofing | Important | 5033373 | CVE-2023-35622 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | Spoofing | Important | 5033383 | CVE-2023-35622 |
| Windows Server 2022 (Server Core installation) | Spoofing | Important | 5033118 | CVE-2023-35622 |
| Windows Server 2022 (Server Core installation) | Spoofing | Important | 5033464 | CVE-2023-35622 |
| Windows Server 2022 | Spoofing | Important | 5033118 | CVE-2023-35622 |
| Windows Server 2022 | Spoofing | Important | 5033464 | CVE-2023-35622 |
| Windows Server 2019 (Server Core installation) | Spoofing | Important | 5033371 | CVE-2023-35622 |
| Windows Server 2019 | Spoofing | Important | 5033371 | CVE-2023-35622 |
| Microsoft Office LTSC for Mac 2021 | Spoofing | Important | Release Notes | CVE-2023-35619 |
| Windows 10 Version 1607 for x64-based Systems | Information Disclosure | Important | 5033373 | CVE-2023-20588 |
| Windows 10 Version 1607 for 32-bit Systems | Information Disclosure | Important | 5033373 | CVE-2023-20588 |
| Windows 10 for x64-based Systems | Information Disclosure | Important | 5033379 | CVE-2023-20588 |
| Windows 10 for 32-bit Systems | Information Disclosure | Important | 5033379 | CVE-2023-20588 |
| Windows 11 Version 23H2 for x64-based Systems | Information Disclosure | Important | 5033375 | CVE-2023-20588 |
| Windows 11 Version 23H2 for ARM64-based Systems | Information Disclosure | Important | 5033375 | CVE-2023-20588 |
| Windows 10 Version 22H2 for 32-bit Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 10 Version 22H2 for ARM64-based Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 10 Version 22H2 for x64-based Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 11 Version 22H2 for x64-based Systems | Information Disclosure | Important | 5033375 | CVE-2023-20588 |
| Windows 11 Version 22H2 for ARM64-based Systems | Information Disclosure | Important | 5033375 | CVE-2023-20588 |
| Windows 10 Version 21H2 for x64-based Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 10 Version 21H2 for ARM64-based Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 10 Version 21H2 for 32-bit Systems | Information Disclosure | Important | 5033372 | CVE-2023-20588 |
| Windows 11 version 21H2 for ARM64-based Systems | Information Disclosure | Important | 5033369 | CVE-2023-20588 |
| Windows 11 version 21H2 for x64-based Systems | Information Disclosure | Important | 5033369 | CVE-2023-20588 |
| Windows 10 Version 1809 for ARM64-based Systems | Information Disclosure | Important | 5033371 | CVE-2023-20588 |
| Windows 10 Version 1809 for x64-based Systems | Information Disclosure | Important | 5033371 | CVE-2023-20588 |
| Windows 10 Version 1809 for 32-bit Systems | Information Disclosure | Important | 5033371 | CVE-2023-20588 |
| Windows Server 2012 R2 (Server Core installation) | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Windows Server 2012 R2 | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Windows Server 2012 (Server Core installation) | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Windows Server 2012 | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Remote Code Execution | Critical | 5033376 | CVE-2023-35628 |
| Microsoft Office 2016 (64-bit edition) | Information Disclosure | Important | 5002520 | CVE-2023-36009 |
| Microsoft Office 2016 (32-bit edition) | Information Disclosure | Important | 5002520 | CVE-2023-36009 |
| Microsoft Office LTSC 2021 for 32-bit editions | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Microsoft Office LTSC 2021 for 64-bit editions | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Microsoft Office 2019 for 64-bit editions | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Microsoft Office 2019 for 32-bit editions | Information Disclosure | Important | Click to Run | CVE-2023-36009 |
| Dynamics 365 for Finance and Operations Version 10.0.37 Platform Update 61 | Denial of Service | Important | Release Notes | CVE-2023-35621 |
| Dynamics 365 for Finance and Operations Version 10.0.38 Platform Update 62 | Denial of Service | Important | Release Notes | CVE-2023-35621 |
| Azure Machine Learning SDK | Information Disclosure | Important | Release Notes | CVE-2023-35625 |
| Azure Connected Machine Agent | Elevation of Privilege | Important | Release Notes | CVE-2023-35624 |
| Azure Logic Apps | Spoofing | Critical | Release Notes | CVE-2023-36019 |
| Microsoft Power Platform | Spoofing | Critical | Release Notes | CVE-2023-36019 |
| Microsoft Dynamics 365 (on-premises) version 9.0 | Spoofing | Important | 5032298 | CVE-2023-36020 |
| Microsoft Dynamics 365 (on-premises) version 9.1 | Spoofing | Important | 5032297 | CVE-2023-36020 |
| Microsoft Office 2016 (64-bit edition) | Information Disclosure | Important | 5002529 | CVE-2023-35636 |
| Microsoft Office 2016 (32-bit edition) | Information Disclosure | Important | 5002529 | CVE-2023-35636 |
| Microsoft Malware Protection Platform | Denial of Service | Important | Release Notes | CVE-2023-36010 |
Quality and experience updates
Microsoft released the KB5033375 update for PCs running Windows 11 23H2 and 22H2. This release allows users to access Windows Copilot across multiple monitors. The AI assistant will open on the display where the Copilot taskbar icon has been clicked. Users can press Alt + Tab to view the Copilot window alongside other app thumbnails.
Microsoft has also announced the public rollout of Copilot on non-managed Windows 10 devices. The AI assistant appears as a button on the right side of the taskbar. Microsoft previously said that the Copilot feature currently lacks the ability to open Windows apps and customize preferences and settings.
Microsoft has also added the “Get the latest updates as soon as they are available” toggle in Windows Update on non-managed devices. The Copilot feature is currently rolling out to a small set of Windows 10 users. Users need to enable the toggle button to get early access to the AI assistant on their PCs.
Windows Update testing and best practices
Microsoft advises organizations to perform thorough testing to confirm that updates do not compromise the stability of their production systems. However, it is crucial to deploy Patch Tuesday updates to proactively address potential threats.
Additionally, IT administrators must prioritize backing up their systems before applying updates, utilizing the built-in backup features of Windows and Windows Server. These features allow for the restoration of specific files and folders or entire systems as required.
Last but not least, organizations should consistently monitor their systems for anomalies or unexpected behaviors. Regular monitoring is essential for staying vigilant against emerging risks and adopting appropriate security measures.