Pierluigi Paganini February 14, 2023

Microsoft Patch Tuesday security updates for February 2023 addressed 75 flaws, including three actively exploited zero-day bugs.

Microsoft Patch Tuesday security updates for February 2023 fixed 75 vulnerabilities in multiple products, including Microsoft Windows and Windows Components; Office and Office Components; Exchange Server; .NET Core and Visual Studio Code; 3D Builder and Print 3D; Microsoft Azure and Dynamics 365; Defender for IoT and the Malware Protection Engine; and Microsoft Edge (Chromium-based).

Nine vulnerabilities addressed this month have been rated Critical and 66 are rated Important in severity.

None of the vulnerabilities addressed this month are listed as publicly known, but three flaws are listed as being exploited in the wild at the time of disclosure.

The most severe actively exploited flaw is tracked as CVE-2023-21823, it is a Windows Graphics Component remote code execution vulnerability.

The flaw, rated as Important severity (CVSS score of 7.8), was reported by Genwei Jiang and Dhanesh Kizhakkinan of Mandiant.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” reads the advisory published by Microsoft.

Another actively exploited issue is a Microsoft Office security feature bypass vulnerability tracked as CVE-2023-21715.

The flaw, rated as Important severity (CVSS score of 7.3), was reported by Hidetake Jo.

“The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.” reads the advisory published by Microsoft. “An attacker who successfully exploited this vulnerability could bypass Office macro policies used to block untrusted or malicious files.”

Another interesting flaw addressed this month is a Windows common log file system driver elevation of privilege vulnerability tracked as CVE-2023-23376. An attacker can exploit this vulnerability to gain SYSTEM privileges.
This vulnerability is actively exploited too, it was discovered by Microsoft’s Threat Intelligence Center (MSTIC).

The full list of vulnerabilities released by Microsoft for February 2023 is available here.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)