Microsoft February 2023 Patch Tuesday
Microsoft today patched 80 different vulnerabilities. This includes the Chromium vulnerabilities affecting Microsoft Edge. Nine vulnerabilities are rated as "Critical" by Microsoft.
Three of the vulnerabilities, all rated "important", are already being exploited:
CVE-2023-21715: Microsoft Publisher Security Feature Bypass. This vulnerability will allow the execution of macros bypassing policies blocking them.
CVE-2023-23376: Windows Common Log File Ssytem Driver Elevation of Privilege Vulnerability
CVE-2023-21823: Windows Graphics Component Remote Code Execution Vulnerability. Patches for this vulnerability may only be available via the Microsoft Store. Make sure you have these updates enabled.
Some additional vulnerabilities of interest:
CVE-2023-21803: Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Likely not the most common issue to be patched this month, but something that may easily be missed. This vulnerability, if exploited, could be used for lateral movement.
CVE-2023-21716: Microsoft Word Remote Code Execution Vulnerability. Word is always a great target as it offers a large attack surface. No known exploit for this vulnerability, but its CVSS score of 9.8 will attract some attention. The rating of "critical" implies that it is not necessary to open the document to trigger the vulnerability.
Visual Studio: Several vulnerabilities, two of them critical, affect Visual Studio. Attacks against developers are often not well documented but appear on the rise.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
curl use after free vulnerability affecting CBL Mariner 2.0 | |||||||
CVE-2022-43552 | No | No | - | - | - | ||
.NET Framework Denial of Service Vulnerability | |||||||
CVE-2023-21722 | No | No | Less Likely | Less Likely | Important | 4.4 | 3.9 |
.NET and Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2023-21808 | No | No | Less Likely | Less Likely | Critical | 7.8 | 6.8 |
3D Builder Remote Code Execution Vulnerability | |||||||
CVE-2023-23377 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23390 | No | No | - | - | Important | 7.8 | 6.8 |
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | |||||||
CVE-2023-21777 | No | No | - | - | Important | 8.7 | 7.6 |
Azure Data Box Gateway Remote Code Execution Vulnerability | |||||||
CVE-2023-21703 | No | No | - | - | Important | 6.5 | 5.7 |
Azure DevOps Server Cross-Site Scripting Vulnerability | |||||||
CVE-2023-21564 | No | No | - | - | Important | 7.1 | 6.2 |
Azure DevOps Server Remote Code Execution Vulnerability | |||||||
CVE-2023-21553 | No | No | - | - | Important | 7.5 | 6.5 |
Azure Machine Learning Compute Instance Information Disclosure Vulnerability | |||||||
CVE-2023-23382 | No | No | - | - | Important | 6.5 | 5.7 |
HTTP.sys Information Disclosure Vulnerability | |||||||
CVE-2023-21687 | No | No | - | - | Important | 5.5 | 4.8 |
MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device | |||||||
CVE-2019-15126 | No | No | - | - | - | ||
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | |||||||
CVE-2023-21809 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||||||
CVE-2023-23379 | No | No | - | - | Important | 6.4 | 5.6 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
CVE-2023-21807 | No | No | Unlikely | Less Likely | Important | 5.8 | 5.1 |
CVE-2023-21570 | No | No | - | - | Important | 5.4 | 4.7 |
CVE-2023-21571 | No | No | - | - | Important | 5.4 | 4.7 |
CVE-2023-21572 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-21573 | No | No | - | - | Important | 5.4 | 4.7 |
Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability | |||||||
CVE-2023-21778 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||||
CVE-2023-23374 | No | No | Less Likely | Less Likely | Moderate | 8.3 | 7.2 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||||
CVE-2023-21794 | No | No | Less Likely | Less Likely | Low | 4.3 | 3.9 |
Microsoft Edge (Chromium-based) Tampering Vulnerability | |||||||
CVE-2023-21720 | No | No | Less Likely | Less Likely | Low | 5.3 | 4.8 |
Microsoft Exchange Server Remote Code Execution Vulnerability | |||||||
CVE-2023-21706 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21707 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21529 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21710 | No | No | - | - | Important | 7.2 | 6.3 |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-21797 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21798 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2023-21704 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Office Information Disclosure Vulnerability | |||||||
CVE-2023-21714 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft OneNote Spoofing Vulnerability | |||||||
CVE-2023-21721 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft PostScript Printer Driver Information Disclosure Vulnerability | |||||||
CVE-2023-21693 | No | No | - | - | Important | 5.7 | 5.1 |
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-21684 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21801 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | |||||||
CVE-2023-21701 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability | |||||||
CVE-2023-21691 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | |||||||
CVE-2023-21689 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-21690 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-21692 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-21695 | No | No | - | - | Important | 7.5 | 6.5 |
Microsoft Publisher Security Features Bypass Vulnerability | |||||||
CVE-2023-21715 | No | Yes | - | - | Important | 7.3 | 6.4 |
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-21718 | No | No | - | - | Critical | 7.8 | 6.8 |
Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability | |||||||
CVE-2023-21568 | No | No | - | - | Important | 7.3 | 6.4 |
Microsoft SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2023-21528 | No | No | More Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2023-21705 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21713 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |||||||
CVE-2023-21717 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2023-21799 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21685 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-21686 | No | No | - | - | Important | 8.8 | 7.7 |
Microsoft Word Remote Code Execution Vulnerability | |||||||
CVE-2023-21716 | No | No | - | - | Critical | 9.8 | 8.5 |
NT OS Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2023-21688 | No | No | - | - | Important | 7.8 | 6.8 |
Power BI Report Server Spoofing Vulnerability | |||||||
CVE-2023-21806 | No | No | - | - | Important | 8.2 | 7.1 |
Print 3D Remote Code Execution Vulnerability | |||||||
CVE-2023-23378 | No | No | - | - | Important | 7.8 | 7.1 |
Visual Studio Denial of Service Vulnerability | |||||||
CVE-2023-21567 | No | No | More Likely | Less Likely | Important | 5.6 | 5.1 |
Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2023-21566 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2023-21815 | No | No | - | - | Critical | 8.4 | 7.3 |
CVE-2023-23381 | No | No | - | - | Critical | 8.4 | 7.3 |
Windows Active Directory Domain Services API Denial of Service Vulnerability | |||||||
CVE-2023-21816 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-21812 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23376 | No | Yes | - | - | Important | 7.8 | 6.8 |
Windows Distributed File System (DFS) Remote Code Execution Vulnerability | |||||||
CVE-2023-21820 | No | No | - | - | Important | 7.4 | 6.4 |
Windows Fax Service Remote Code Execution Vulnerability | |||||||
CVE-2023-21694 | No | No | - | - | Important | 6.8 | 5.9 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2023-21804 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-21822 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Graphics Component Remote Code Execution Vulnerability | |||||||
CVE-2023-21823 | No | Yes | - | - | Important | 7.8 | 7.5 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2023-21800 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | |||||||
CVE-2023-21697 | No | No | - | - | Important | 6.2 | 5.4 |
CVE-2023-21699 | No | No | - | - | Important | 5.3 | 4.6 |
Windows Kerberos Elevation of Privilege Vulnerability | |||||||
CVE-2023-21817 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows MSHTML Platform Remote Code Execution Vulnerability | |||||||
CVE-2023-21805 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Media Remote Code Execution Vulnerability | |||||||
CVE-2023-21802 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Secure Channel Denial of Service Vulnerability | |||||||
CVE-2023-21813 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2023-21818 | No | No | More Likely | More Likely | Important | 7.5 | 6.5 |
CVE-2023-21819 | No | No | - | - | Important | 7.5 | 6.5 |
Windows iSCSI Discovery Service Denial of Service Vulnerability | |||||||
CVE-2023-21700 | No | No | - | - | Important | 7.5 | 6.5 |
Windows iSCSI Discovery Service Remote Code Execution Vulnerability | |||||||
CVE-2023-21803 | No | No | - | - | Critical | 9.8 | 8.5 |
Windows iSCSI Service Denial of Service Vulnerability | |||||||
CVE-2023-21811 | No | No | - | - | Important | 7.5 | 6.5 |
CVE-2023-21702 | No | No | - | - | Important | 7.5 | 6.5 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Comments