Vulnerability Watch

Forum Discussion

snarang's avatar
snarang
Product Team
3 years ago

Microsoft’s February 2023 Patch Tuesday Addresses 75 CVEs...

Microsoft’s February 2023 Patch Tuesday Addresses 75 CVEs

On February 14, Microsoft released its February 2023 Patch Tuesday release which patched 75 CVEs with nine rated as critical and 66 rated as important.

This month, Microsoft patched three zero-day vulnerabilities that were exploited in the wild. They include:

  • CVE-2023-23376: Windows Common Log File System Driver Elevation of Privilege Vulnerability
  • CVE-2023-21823: Windows Graphics Component Elevation of Privilege Vulnerability
  • CVE-2023-21715: Microsoft Office Security Feature Bypass Vulnerability

Additionally, Microsoft patched four remote code execution flaws in Microsoft Exchange Server (CVE-2023-21529, CVE-2023-21706, CVE-2023-21707 and CVE-2023-21710) that are rated “Exploitation More Likely.” We recently published a blog post surrounding several notable known vulnerabilities affecting Microsoft Exchange Server including ProxyNotShell, OWASSRF and TabShell and the importance of applying Exchange Server patches.

This month’s update includes patches for:

  • .NET and Visual Studio
  • .NET Framework
  • 3D Builder
  • Azure App Service
  • Azure Data Box Gateway
  • Azure DevOps
  • Azure Machine Learning
  • HoloLens
  • Internet Storage Name Service
  • Microsoft Defender for Endpoint
  • Microsoft Defender for IoT
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office OneNote
  • Microsoft Office Publisher
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft PostScript Printer Driver
  • Microsoft WDAC OLE DB provider for SQL
  • Microsoft Windows Codecs Library
  • Power BI
  • SQL Server
  • Visual Studio
  • Windows Active Directory
  • Windows ALPC
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows Distributed File System (DFS)
  • Windows Fax and Scan Service
  • Windows HTTP.sys
  • Windows Installer
  • Windows iSCSI
  • Windows Kerberos
  • Windows MSHTML Platform
  • Windows ODBC Driver
  • Windows Protected EAP (PEAP)
  • Windows SChannel
  • Windows Win32K

For more information, please visit our blog.

Cyber Exposure Alerts
No RepliesBe the first to reply

Recent Discussions