Microsoft’s February 2023 Patch Tuesday landed on Valentine’s Day and brought security updates that fixed three actively exploited zero-day vulnerabilities and about 77 other flaws. Of the 77, nine have been classified as ‘Critical’ because they allow remote code execution on affected devices.
The vulnerabilities were categorized into the following:
- 8 Spoofing Vulnerabilities
- 10 Denial of Service Vulnerabilities
- 8 Information Disclosure Vulnerabilities
- 38 Remote Code Execution Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 12 Elevation of Privilege Vulnerabilities
In this categorization, three Microsoft Edge vulnerabilities fixed earlier this month are not mentioned.
The vulnerabilities
Users who want to know more about the non-security updates Redmond dropped on Tuesday can check out the release notes on Microsoft’s official website for Windows 11 cumulative updates and Windows 10 updates.
The updates patch three actively exploited zero-day vulnerabilities used in attacks. According to Microsoft, the “zero-day” classification only applies when a vulnerability is publicly disclosed or actively exploited without an official patch available.
The three vulnerabilities fixed include:
- CVE-2023-21823 – Windows Graphics Component Remote Code Execution Vulnerability: This zero-day vulnerability discovered by Dhanesh Kizhakkinan and Genwei Jiang of Mandiant allows attackers to execute commands with SYSTEM privileges. The security update for this vulnerability will be pushed out to users via the Microsoft Store rather than Windows Update.
- CVE-2023-21715 – Microsoft Publisher Security Features Bypass Vulnerability: Discovered by Hidetake Jo of Microsoft, this vulnerability in Microsoft Publisher allows a specially crafted document to bypass Office macro policies, effectively allowing macros in a malicious Publisher document to run without first warning the user.
- CVE-2023-23376 – Windows Common Log File System Driver Elevation of Privilege Vulnerability: This vulnerability was discovered by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC). It allows an attacker to gain SYSTEM privileges if successfully exploited.
Tip: Microsoft issues patches to fix issues with 22H2 Windows 11 update
13 hours ago
