What is CVE-2023-29363?

CVE-2023-29363 is a critical security vulnerability affecting the Windows Pragmatic General Multicast (PGM) in various Microsoft Windows operating systems, including Windows 10, Windows 11, and Windows Server versions. This vulnerability could allow an attacker to execute remote code on affected systems, which include x64, x86, and ARM64 systems running the impacted Windows operating systems.

Who is impacted by this?

The CVE-2023-29363 vulnerability affects users of various Microsoft Windows operating systems, including multiple versions of Windows 10, Windows 11, and Windows Server. . It is essential for users to be aware of this issue and take necessary precautions to protect their systems.

What to do if CVE-2023-29363 affected you

If you're impacted by the CVE-2023-29363 vulnerability, it's crucial to take action to protect your system. Follow these simple steps:

1. Disable the Windows message queuing service if not required.

2. Check for a running "Message Queuing" service and if TCP port 1801 is listening on your machine.

3. Apply the security updates provided by Microsoft for your specific Windows version and platform.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-29363 vulnerability, also known as the Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical issue affects various Microsoft Windows operating systems and requires users to apply a security patch provided by Microsoft to protect their systems.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-122, a heap-based buffer overflow issue affecting Windows Pragmatic General Multicast (PGM).

Learn More

For a comprehensive understanding of the vulnerability, consult the NVD page and the sources listed below.

• Microsoft Security Update Guide

• CVE Record