Article

Alert: Microsoft Security Updates – August 2023

Microsoft released security updates to fix vulnerabilities in their software products that include, but are not limited to:

Windows OS: 10 and 11.
Windows Server: 2012, 2016, 2019, 2022.
Microsoft SQL Server 2019, 2022.
Microsoft Exchange Server 2016, 2019.
Microsoft Office: 2016, 2019, Microsoft 365.

The released security updates fix multiple vulnerabilities, which include two zero-day vulnerabilities:

Security Risks

If the identified vulnerabilities in Microsoft products are not patched, authenticated attackers can remotely gain control of vulnerable systems and run malicious code with elevated privileges.

For the full list of security patches released by Microsoft, please refer to Microsoft Security Update Guide.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and administrators:

1. apply the latest security patches, as soon as possible, to prevent unauthorized control over unpatched systems.

2. upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches.

The following Microsoft software products reached their end-of-life and need to be upgraded immediately:

Windows Vista, XP, 8 and 7
Windows Server 2003, 2003 RE, 2008, 2008 RE, 2008 SP2
Exchange Server 2003, 2007, 2010, 2013
Microsoft SQL Server 2005, 2008, 2012
Microsoft Office 2013

3. Before any updating task, ensure you have a current tested backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by emailing rwcsirt@ncsa.gov.rw or calling us on 9009

References

Release Note - August 2023.

10 August 2023

More updates

18 July 2024

Alert: Compiled Cisco Security Updates – July 2024

Cisco has released security updates to address vulnerabilities in multiple Cisco products.

18 July 2024

Alert: Oracle Security Updates – July 2024

Oracle has released its July 2024 Critical Patch Update (CPU), which includes 386 security patches to address approximately 240 vulnerabilities across…

11 July 2024

Alert: Apache HTTP Server Security Updates – July 2024

The Apache Software Foundation has released security updates to address multiple vulnerabilities in the Apache HTTP Server.

10 July 2024

Alert: Microsoft Security Updates – July 2024

Microsoft has released security updates to address 142 vulnerabilities across multiple products.

Microsoft released security updates to fix vulnerabilities in their software products that include, but are not limited to:

Windows OS: 10 and 11.

Windows Server: 2012, 2016, 2019, 2022.

Microsoft SQL Server 2019, 2022.

Microsoft Exchange Server 2016, 2019.

Microsoft Office: 2016, 2019, Microsoft 365.

The released security updates fix multiple vulnerabilities, which include two zero-day vulnerabilities:

ADV230003

CVE-2023-38180

Security Risks

If the identified vulnerabilities in Microsoft products are not patched, authenticated attackers can remotely gain control of vulnerable systems and run malicious code with elevated privileges.

For the full list of security patches released by Microsoft, please refer to Microsoft Security Update Guide.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and administrators:

1. apply the latest security patches, as soon as possible, to prevent unauthorized control over unpatched systems.

2. upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches.

The following Microsoft software products reached their end-of-life and need to be upgraded immediately:

Windows Vista, XP, 8 and 7

Windows Server 2003, 2003 RE, 2008, 2008 RE, 2008 SP2

Exchange Server 2003, 2007, 2010, 2013

Microsoft SQL Server 2005, 2008, 2012

Microsoft Office 2013

3. Before any updating task, ensure you have a current tested backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by emailing rwcsirt@ncsa.gov.rw or calling us on 9009

References

Release Note - August 2023.

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

Microsoft released security updates to fix vulnerabilities in their software products that include, but are not limited to:

Windows OS: 10 and 11.

Windows Server: 2012, 2016, 2019, 2022.

Microsoft SQL Server 2019, 2022.

Microsoft Exchange Server 2016, 2019.

Microsoft Office: 2016, 2019, Microsoft 365.

The released security updates fix multiple vulnerabilities, which include two zero-day vulnerabilities:

ADV230003

CVE-2023-38180

Security Risks

If the identified vulnerabilities in Microsoft products are not patched, authenticated attackers can remotely gain control of vulnerable systems and run malicious code with elevated privileges.

For the full list of security patches released by Microsoft, please refer to Microsoft Security Update Guide.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and administrators:

1. apply the latest security patches, as soon as possible, to prevent unauthorized control over unpatched systems.

2. upgrade immediately to the latest supported version of installed Microsoft software in order to continue receiving technical support and security patches.

The following Microsoft software products reached their end-of-life and need to be upgraded immediately:

Windows Vista, XP, 8 and 7

Windows Server 2003, 2003 RE, 2008, 2008 RE, 2008 SP2

Exchange Server 2003, 2007, 2010, 2013

Microsoft SQL Server 2005, 2008, 2012

Microsoft Office 2013

3. Before any updating task, ensure you have a current tested backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by emailing rwcsirt@ncsa.gov.rw or calling us on 9009

References

Release Note - August 2023.

​​​​