Microsoft has released its February 2023 Patch Tuesday security updates to fix multiple vulnerabilities in its products, including three (3) zero-day vulnerabilities (CVE-2023-21823, CVE-2023-21715, and CVE-2023-23376) that are currently reported to be exploited in the wild.

Based on the official release notes from Microsoft, there are a total of 78 vulnerabilities. Of these vulnerabilities, 7 are classified as critical, 70 are classified as moderate, and 1 is classified as none.

_____________________________

A. List of the Vulnerabilities

| Tag | CVE Number | CVE Title | Impact | Max Severity |
|---|---|---|---|---|
| Visual Studio | CVE-2022-41953 | GitHub: CVE-2022-41953 Git GUI Clone Remote Code Execution Vulnerability | Remote Code Execution | Important |
| 3D Builder | CVE-2023-23390 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Azure Machine Learning | CVE-2023-23382 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability | Information Disclosure | Important |
| Visual Studio | CVE-2023-23381 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Microsoft Defender for IoT | CVE-2023-23379 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| 3D Builder | CVE-2023-23378 | Print 3D Remote Code Execution Vulnerability | Remote Code Execution | Important |
| 3D Builder | CVE-2023-23377 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows Common Log File System Driver | CVE-2023-23376 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Microsoft Graphics Component | CVE-2023-21823 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows Win32K | CVE-2023-21822 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Windows Distributed File System (DFS) | CVE-2023-21820 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows Cryptographic Services | CVE-2023-21819 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
| Windows SChannel | CVE-2023-21818 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
| Windows Kerberos | CVE-2023-21817 | Windows Kerberos Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Windows Active Directory | CVE-2023-21816 | Windows Active Directory Domain Services API Denial of Service Vulnerability | Denial of Service | Important |
| Visual Studio | CVE-2023-21815 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Windows Cryptographic Services | CVE-2023-21813 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | Important |
| Windows Common Log File System Driver | CVE-2023-21812 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Windows iSCSI | CVE-2023-21811 | Windows iSCSI Service Denial of Service Vulnerability | Denial of Service | Important |
| Microsoft Defender for Endpoint | CVE-2023-21809 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | Security Feature Bypass | Important |
| .NET and Visual Studio | CVE-2023-21808 | .NET and Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Dynamics | CVE-2023-21807 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
| Power BI | CVE-2023-21806 | Power BI Report Server Spoofing Vulnerability | Spoofing | Important |
| Windows MSHTML Platform | CVE-2023-21805 | Windows MSHTML Platform Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Graphics Component | CVE-2023-21804 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Windows iSCSI | CVE-2023-21803 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Microsoft Windows Codecs Library | CVE-2023-21802 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft PostScript Printer Driver | CVE-2023-21801 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows Installer | CVE-2023-21800 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-21799 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows ODBC Driver | CVE-2023-21798 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows ODBC Driver | CVE-2023-21797 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Dynamics | CVE-2023-21778 | Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Azure App Service | CVE-2023-21777 | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| .NET Framework | CVE-2023-21722 | .NET Framework Denial of Service Vulnerability | Denial of Service | Important |
| Microsoft Office OneNote | CVE-2023-21721 | Microsoft OneNote Spoofing Vulnerability | Spoofing | Important |
| SQL Server | CVE-2023-21718 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Office SharePoint | CVE-2023-21717 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Microsoft Office Word | CVE-2023-21716 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Microsoft Office Publisher | CVE-2023-21715 | Microsoft Publisher Security Features Bypass Vulnerability | Security Feature Bypass | Important |
| Microsoft Office | CVE-2023-21714 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | Important |
| SQL Server | CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Exchange Server | CVE-2023-21710 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Exchange Server | CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Exchange Server | CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| SQL Server | CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| SQL Server | CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Azure Data Box Gateway | CVE-2023-21703 | Azure Data Box Gateway Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows iSCSI | CVE-2023-21702 | Windows iSCSI Service Denial of Service Vulnerability | Denial of Service | Important |
| Windows Protected EAP (PEAP) | CVE-2023-21701 | Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | Denial of Service | Important |
| Windows iSCSI | CVE-2023-21700 | Windows iSCSI Discovery Service Denial of Service Vulnerability | Denial of Service | Important |
| Internet Storage Name Service | CVE-2023-21699 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | Information Disclosure | Important |
| Internet Storage Name Service | CVE-2023-21697 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | Information Disclosure | Important |
| Windows Protected EAP (PEAP) | CVE-2023-21695 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Windows Fax and Scan Service | CVE-2023-21694 | Windows Fax Service Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft PostScript Printer Driver | CVE-2023-21693 | Microsoft PostScript Printer Driver Information Disclosure Vulnerability | Information Disclosure | Important |
| Windows Protected EAP (PEAP) | CVE-2023-21692 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Windows Protected EAP (PEAP) | CVE-2023-21691 | Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability | Information Disclosure | Important |
| Windows Protected EAP (PEAP) | CVE-2023-21690 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Windows Protected EAP (PEAP) | CVE-2023-21689 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
| Windows ALPC | CVE-2023-21688 | NT OS Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Windows HTTP.sys | CVE-2023-21687 | HTTP.sys Information Disclosure Vulnerability | Information Disclosure | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-21686 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2023-21685 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft PostScript Printer Driver | CVE-2023-21684 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Dynamics | CVE-2023-21573 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
| Microsoft Dynamics | CVE-2023-21572 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
| Microsoft Dynamics | CVE-2023-21571 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
| Microsoft Dynamics | CVE-2023-21570 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Spoofing | Important |
| SQL Server | CVE-2023-21568 | Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Visual Studio | CVE-2023-21567 | Visual Studio Denial of Service Vulnerability | Denial of Service | Important |
| Visual Studio | CVE-2023-21566 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| Azure DevOps | CVE-2023-21564 | Azure DevOps Server Cross-Site Scripting Vulnerability | Spoofing | Important |
| Azure DevOps | CVE-2023-21553 | Azure DevOps Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Microsoft Exchange Server | CVE-2023-21529 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| SQL Server | CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| Visual Studio | CVE-2022-23521 | GitHub: CVE-2022-23521 gitattributes parsing integer overflow | Remote Code Execution | Important |
| HoloLens | CVE-2019-15126 | MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device | Information Disclosure | None |

_____________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

  • Kindly review and apply the necessary updates to mitigate future threats.
  • Proactively monitor and secure identified systems and devices for any suspicious/malicious activities.
  • For additional information, kindly refer to the official report:
    • https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb
    • https://msrc.microsoft.com/update-guide/vulnerability