From 004cc71162a9bec69f3d1015943f261cc09e6a5d Mon Sep 17 00:00:00 2001 From: Serki Ashagre <132869385+LSerki@users.noreply.github.com> Date: Wed, 15 Nov 2023 14:18:52 +0800 Subject: [PATCH] Microsoft Releases October 2023 Security Updates - 20231115003 --- ...-Releases-October-2023-Security-Updates.md | 17 ++++++++++++ ...wn-Exploited-Vulnerabilities-to-Catalog.md | 27 +++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 docs/advisories/20231115003-Microsoft-Releases-October-2023-Security-Updates.md create mode 100644 docs/advisories/20231115004-CISA-Adds-Three-Known-Exploited-Vulnerabilities-to-Catalog.md diff --git a/docs/advisories/20231115003-Microsoft-Releases-October-2023-Security-Updates.md b/docs/advisories/20231115003-Microsoft-Releases-October-2023-Security-Updates.md new file mode 100644 index 00000000..403992de --- /dev/null +++ b/docs/advisories/20231115003-Microsoft-Releases-October-2023-Security-Updates.md @@ -0,0 +1,17 @@ +# Microsoft Releases October 2023 Security Updates - 20231115003 + +## Overview + +Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. + +## What is the vulnerability? + +A list of vulnerabilities and products can be found [November 2023 Security Update Guide](https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov) + +## Recommendation + +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)): + +## Additional References + +- [Microsoft Releases October 2023 Security Updates](https://www.cisa.gov/news-events/alerts/2023/11/14/microsoft-releases-october-2023-security-updates) 
diff --git a/docs/advisories/20231115004-CISA-Adds-Three-Known-Exploited-Vulnerabilities-to-Catalog.md b/docs/advisories/20231115004-CISA-Adds-Three-Known-Exploited-Vulnerabilities-to-Catalog.md new file mode 100644 index 00000000..96119d64 --- /dev/null +++ b/docs/advisories/20231115004-CISA-Adds-Three-Known-Exploited-Vulnerabilities-to-Catalog.md @@ -0,0 +1,27 @@ +# CISA Adds Three Known Exploited Vulnerabilities to Catalog - 20231115004 + +## Overview + +CISA has added three new vulnerabilities to itsĀ [Known Exploited Vulnerabilities Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog "Known Exploited Vulnerabilities Catalog"), based on evidence of active exploitation. + +## What is the vulnerability? + +[**CVE-2023-36033**](https://nvd.nist.gov/vuln/detail/CVE-2023-36033) Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability - CVSS v3 Base Score: ***7.8*** + +[**CVE-2023-36025**](hhttps://nvd.nist.gov/vuln/detail/CVE-2023-36025) Microsoft Windows SmartScreen Security Feature Bypass Vulnerability - CVSS v3 Base Score: ***8.8*** + +[**CVE-2023-36036**](https://nvd.nist.gov/vuln/detail/CVE-2023-36036) Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability - CVSS v3 Base Score: ***7.8*** + + + +## What has been observed? + +CISA added this vulnerabilty in their [Known Exploited Vulnerabilties](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) catalog on *2023-11-14*. + +## Recommendation + +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)): + +### Additional Resources + +- [Known Exploited Vulnerabilities Catalog](https://www.cisa.gov/news-events/alerts/2023/11/14/cisa-adds-three-known-exploited-vulnerabilities-catalog) \ No newline at end of file
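Review bot: In 20231115003-Microsoft-Releases-October-2023-Security-Updates.md the heading and filename say "October 2023", but the "What is the vulnerability?" section links to the "November 2023 Security Update Guide" (releaseNote/2023-Nov) and the patch is dated 15 Nov 2023. The CISA URL slug under Additional References also reads "october-2023", so the wording may have been carried over from there. Please confirm which release the advisory covers and make the heading, filename and link text agree. Two smaller points in the same file: "can be found [November 2023 Security Update Guide]" is missing "in the" and a closing full stop, and the Recommendation sentence ends with a colon with nothing after it, so either end it with a full stop or add the list it introduces. The commit subject also names only 20231115003 while the patch creates the 20231115004 advisory as well.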
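Review bot: In 20231115004-CISA-Adds-Three-Known-Exploited-Vulnerabilities-to-Catalog.md the CVE-2023-36025 link target is "hhttps://nvd.nist.gov/vuln/detail/CVE-2023-36025", which will not resolve; drop the extra "h". In the Overview, "itsĀ [Known Exploited" contains a mis-encoded character (likely a non-breaking space) that should be a plain space. Under "What has been observed?", "vulnerabilty" and "Vulnerabilties" are misspelled, and "this vulnerability" is singular although three CVEs are listed, so "these vulnerabilities to their ... catalog" reads better. The last heading is "### Additional Resources", while the sibling advisory in this patch uses "## Additional References"; pick one name and level for both. The Recommendation sentence ends with a colon with nothing following, and the file has no trailing newline.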