Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. This time there were only 3 vulnerabilities used in attacks or with a public exploit. And only one of them is more or less relevant. TOP of the Vulristics report 00:38 Memory Corruption – Microsoft Edge (CVE-2023-3079) 01:12 Remote Code Execution – GitHub (CVE-2023-29007) 01:40 Spoofing – Microsoft OneNote (CVE-2023-33140) 02:01 10 vulnerabilities CVSS Temporal Metrics “Proof-of-Concept Exploit“ No exploits or signs of exploitation in the wild 03:10 Remote Code Execution – Windows Pragmatic General Multicast (PGM) (CVE-2023-29363, CVE-2023-32014, CVE-2023-32015) 04:02 Remote Code Execution – Microsoft Exchange (CVE-2023-32031, CVE-2023-28310) 05:27 Elevation of Privilege – Microsoft SharePoint (CVE-2023-29357) Blogpost: #PatchTuesday #Microsoft #Vulristics #dotNET #DoS #Edge #Exchange #git #Github #Edge #OneNote #PGM #RCE #SharePoint #Spoofing #VisualStudio #YARP