
Microsoft has released its February 2023 Patch Tuesday security updates to fix multiple vulnerabilities in its products, including three (3) zero-day vulnerabilities (CVE-2023-21823, CVE-2023-21715, and CVE-2023-23376) that are currently reported to be exploited in the wild.
Based on the official release notes from Microsoft, there are a total of 78 vulnerabilities. Of these vulnerabilities, 7 are classified as critical, 70 are classified as moderate, and 1 is classified as none.
_____________________________
A. List of the Vulnerabilities
Tag | CVE Number | CVE Title | Impact | Max Severity |
Visual Studio | CVE-2022-41953 | GitHub: CVE-2022-41953 Git GUI Clone Remote Code Execution Vulnerability | Remote Code Execution | Important |
3D Builder | CVE-2023-23390 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
Azure Machine Learning | CVE-2023-23382 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability | Information Disclosure | Important |
Visual Studio | CVE-2023-23381 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Microsoft Defender for IoT | CVE-2023-23379 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
3D Builder | CVE-2023-23378 | Print 3D Remote Code Execution Vulnerability | Remote Code Execution | Important |
3D Builder | CVE-2023-23377 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows Common Log File System Driver | CVE-2023-23376 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Microsoft Graphics Component | CVE-2023-21823 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows Win32K | CVE-2023-21822 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Windows Distributed File System (DFS) | CVE-2023-21820 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows Cryptographic Services | CVE-2023-21819 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
Windows SChannel | CVE-2023-21818 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
Windows Kerberos | CVE-2023-21817 | Windows Kerberos Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Windows Active Directory | CVE-2023-21816 | Windows Active Directory Domain Services API Denial of Service Vulnerability | Denial of Service | Important |
Visual Studio | CVE-2023-21815 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Windows Cryptographic Services | CVE-2023-21813 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
Windows Common Log File System Driver | CVE-2023-21812 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Windows iSCSI | CVE-2023-21811 | Windows iSCSI Service Denial of Service Vulnerability | Denial of Service | Important |
Microsoft Defender for Endpoint | CVE-2023-21809 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | Security Feature Bypass | Important |
.NET and Visual Studio | CVE-2023-21808 | .NET and Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Dynamics | CVE-2023-21807 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
Power BI | CVE-2023-21806 | Power BI Report Server Spoofing Vulnerability | Spoofing | Important |
Windows MSHTML Platform | CVE-2023-21805 | Windows MSHTML Platform Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Graphics Component | CVE-2023-21804 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Windows iSCSI | CVE-2023-21803 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Microsoft Windows Codecs Library | CVE-2023-21802 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft PostScript Printer Driver | CVE-2023-21801 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows Installer | CVE-2023-21800 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Microsoft WDAC OLE DB provider for SQL | CVE-2023-21799 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows ODBC Driver | CVE-2023-21798 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows ODBC Driver | CVE-2023-21797 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Dynamics | CVE-2023-21778 | Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability | Remote Code Execution | Important |
Azure App Service | CVE-2023-21777 | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
.NET Framework | CVE-2023-21722 | .NET Framework Denial of Service Vulnerability | Denial of Service | Important |
Microsoft Office OneNote | CVE-2023-21721 | Microsoft OneNote Spoofing Vulnerability | Spoofing | Important |
SQL Server | CVE-2023-21718 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Office SharePoint | CVE-2023-21717 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Microsoft Office Word | CVE-2023-21716 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Microsoft Office Publisher | CVE-2023-21715 | Microsoft Publisher Security Features Bypass Vulnerability | Security Feature Bypass | Important |
Microsoft Office | CVE-2023-21714 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | Important |
SQL Server | CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Exchange Server | CVE-2023-21710 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Exchange Server | CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Exchange Server | CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
SQL Server | CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
SQL Server | CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Azure Data Box Gateway | CVE-2023-21703 | Azure Data Box Gateway Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows iSCSI | CVE-2023-21702 | Windows iSCSI Service Denial of Service Vulnerability | Denial of Service | Important |
Windows Protected EAP (PEAP) | CVE-2023-21701 | Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | Denial of Service | Important |
Windows iSCSI | CVE-2023-21700 | Windows iSCSI Discovery Service Denial of Service Vulnerability | Denial of Service | Important |
Internet Storage Name Service | CVE-2023-21699 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | Information Disclosure | Important |
Internet Storage Name Service | CVE-2023-21697 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | Information Disclosure | Important |
Windows Protected EAP (PEAP) | CVE-2023-21695 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Important |
Windows Fax and Scan Service | CVE-2023-21694 | Windows Fax Service Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft PostScript Printer Driver | CVE-2023-21693 | Microsoft PostScript Printer Driver Information Disclosure Vulnerability | Information Disclosure | Important |
Windows Protected EAP (PEAP) | CVE-2023-21692 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Windows Protected EAP (PEAP) | CVE-2023-21691 | Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability | Information Disclosure | Important |
Windows Protected EAP (PEAP) | CVE-2023-21690 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Windows Protected EAP (PEAP) | CVE-2023-21689 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
Windows ALPC | CVE-2023-21688 | NT OS Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Windows HTTP.sys | CVE-2023-21687 | HTTP.sys Information Disclosure Vulnerability | Information Disclosure | Important |
Microsoft WDAC OLE DB provider for SQL | CVE-2023-21686 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft WDAC OLE DB provider for SQL | CVE-2023-21685 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft PostScript Printer Driver | CVE-2023-21684 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Dynamics | CVE-2023-21573 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
Microsoft Dynamics | CVE-2023-21572 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
Microsoft Dynamics | CVE-2023-21571 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
Microsoft Dynamics | CVE-2023-21570 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
SQL Server | CVE-2023-21568 | Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability | Remote Code Execution | Important |
Visual Studio | CVE-2023-21567 | Visual Studio Denial of Service Vulnerability | Denial of Service | Important |
Visual Studio | CVE-2023-21566 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
Azure DevOps | CVE-2023-21564 | Azure DevOps Server Cross-Site Scripting Vulnerability | Spoofing | Important |
Azure DevOps | CVE-2023-21553 | Azure DevOps Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Microsoft Exchange Server | CVE-2023-21529 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
SQL Server | CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
Visual Studio | CVE-2022-23521 | GitHub: CVE-2022-23521 gitattributes parsing integer overflow | Remote Code Execution | Important |
HoloLens | CVE-2019-15126 | MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device | Information Disclosure | None |
_____________________________
B. Actions to be Taken
CERT-PH recommends the following actions be taken:
- Kindly review and apply the necessary updates to mitigate future threats.
- Proactively monitor and secure identified systems and devices for any suspicious/malicious activities.
- For additional information, kindly refer to the official report:
  - https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb
  - https://msrc.microsoft.com/update-guide/vulnerability