- 43/2023
- Critical
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch contains a fix for three actively exploited zero-day vulnerabilities.
Microsoft has fixed (77) vulnerabilities, with (9) classified as critical as they could allow the attacker to perform code execution, bypass security features, elevate privileges, or cause a denial of service.
February’s Patch Tuesday was released to fix security flaws in some products such as .NET and Visual Studio, .NET Framework, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office OneNote, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Power BI, SQL Server, Windows Active Directory, Windows iSCSI, Windows ODBC Driver, and Windows Protected EAP (PEAP).
The actively exploited zero-day vulnerabilities fixed in February’s Patch are:
• Windows Graphics Component Remote Code Execution Vulnerability allows attackers to execute commands with SYSTEM privileges – CVE-2023-21823.
• Microsoft Publisher Security Features Bypass Vulnerability allows a specially crafted document to bypass Office macro policies that block untrusted or malicious files – CVE-2023-21715.
• Windows Common Log File System Driver Elevation of Privilege – CVE-2023-23376.
Sample of the addressed vulnerabilities:
1. Microsoft Word Code Execution (CVE-2023-21716):
• CVSS: 9.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access
2. Microsoft Windows Active Directory Domain Services API Denial of Service (CVE-2023-21808):
• CVSS: 7.5
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.