Microsoft February 2023 Patch Tuesday, (Tue, Feb 14th)

Microsoft today patched 80 different vulnerabilities. This includes the Chromium vulnerabilities affecting Microsoft Edge. Nine vulnerabilities are rated as “Critical” by Microsoft.

Three of the vulnerabilities, all rated “important”, are already being exploited:

CVE-2023-21715: Microsoft Publisher Security Feature Bypass. This vulnerability will allow the execution of macros bypassing policies blocking them.

CVE-2023-23376: Windows Common Log File Ssytem Driver Elevation of Privilege Vulnerability

CVE-2023-21823: Windows Graphics Component Remote Code Execution Vulnerability. Patches for this vulnerability may only be available via the Microsoft Store. Make sure you have these updates enabled.

Some additional vulnerabilities of interest:

CVE-2023-21803: Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Likely not the most common issue to be patched this month, but something that may easily be missed. This vulnerability, if exploited, could be used for lateral movement.

CVE-2023-21716: Microsoft Word Remote Code Execution Vulnerability. Word is always a great target as it offers a large attack surface. No known exploit for this vulnerability, but its CVSS score of 9.8 will attract some attention. The rating of “critical” implies that it is not necessary to open the document to trigger the vulnerability.

Visual Studio: Several vulnerabilities, two of them critical, affect Visual Studio. Attacks against developers are often not well documented but appear on the rise.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
curl use after free vulnerability affecting CBL Mariner 2.0
%%cve:2022-43552%%	No	No	–	–	–
.NET Framework Denial of Service Vulnerability
%%cve:2023-21722%%	No	No	Less Likely	Less Likely	Important	4.4	3.9
.NET and Visual Studio Remote Code Execution Vulnerability
%%cve:2023-21808%%	No	No	Less Likely	Less Likely	Critical	7.8	6.8
3D Builder Remote Code Execution Vulnerability
%%cve:2023-23377%%	No	No	–	–	Important	7.8	6.8
%%cve:2023-23390%%	No	No	–	–	Important	7.8	6.8
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
%%cve:2023-21777%%	No	No	–	–	Important	8.7	7.6
Azure Data Box Gateway Remote Code Execution Vulnerability
%%cve:2023-21703%%	No	No	–	–	Important	6.5	5.7
Azure DevOps Server Cross-Site Scripting Vulnerability
%%cve:2023-21564%%	No	No	–	–	Important	7.1	6.2
Azure DevOps Server Remote Code Execution Vulnerability
%%cve:2023-21553%%	No	No	–	–	Important	7.5	6.5
Azure Machine Learning Compute Instance Information Disclosure Vulnerability
%%cve:2023-23382%%	No	No	–	–	Important	6.5	5.7
HTTP.sys Information Disclosure Vulnerability
%%cve:2023-21687%%	No	No	–	–	Important	5.5	4.8
MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device
%%cve:2019-15126%%	No	No	–	–	–
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
%%cve:2023-21809%%	No	No	–	–	Important	7.8	6.8
Microsoft Defender for IoT Elevation of Privilege Vulnerability
%%cve:2023-23379%%	No	No	–	–	Important	6.4	5.6
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
%%cve:2023-21807%%	No	No	Unlikely	Less Likely	Important	5.8	5.1
%%cve:2023-21570%%	No	No	–	–	Important	5.4	4.7
%%cve:2023-21571%%	No	No	–	–	Important	5.4	4.7
%%cve:2023-21572%%	No	No	–	–	Important	6.5	5.7
%%cve:2023-21573%%	No	No	–	–	Important	5.4	4.7
Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability
%%cve:2023-21778%%	No	No	Less Likely	Less Likely	Important	8.3	7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
%%cve:2023-23374%%	No	No	Less Likely	Less Likely	Moderate	8.3	7.2
Microsoft Edge (Chromium-based) Spoofing Vulnerability
%%cve:2023-21794%%	No	No	Less Likely	Less Likely	Low	4.3	3.9
Microsoft Edge (Chromium-based) Tampering Vulnerability
%%cve:2023-21720%%	No	No	Less Likely	Less Likely	Low	5.3	4.8
Microsoft Exchange Server Remote Code Execution Vulnerability
%%cve:2023-21706%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21707%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21529%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21710%%	No	No	–	–	Important	7.2	6.3
Microsoft ODBC Driver Remote Code Execution Vulnerability
%%cve:2023-21797%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21798%%	No	No	–	–	Important	8.8	7.7
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
%%cve:2023-21704%%	No	No	–	–	Important	7.8	6.8
Microsoft Office Information Disclosure Vulnerability
%%cve:2023-21714%%	No	No	–	–	Important	5.5	4.8
Microsoft OneNote Spoofing Vulnerability
%%cve:2023-21721%%	No	No	–	–	Important	6.5	5.7
Microsoft PostScript Printer Driver Information Disclosure Vulnerability
%%cve:2023-21693%%	No	No	–	–	Important	5.7	5.1
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
%%cve:2023-21684%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21801%%	No	No	–	–	Important	7.8	6.8
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
%%cve:2023-21701%%	No	No	–	–	Important	7.5	6.5
Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
%%cve:2023-21691%%	No	No	–	–	Important	7.5	6.5
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
%%cve:2023-21689%%	No	No	–	–	Critical	9.8	8.5
%%cve:2023-21690%%	No	No	–	–	Critical	9.8	8.5
%%cve:2023-21692%%	No	No	–	–	Critical	9.8	8.5
%%cve:2023-21695%%	No	No	–	–	Important	7.5	6.5
Microsoft Publisher Security Features Bypass Vulnerability
%%cve:2023-21715%%	No	Yes	–	–	Important	7.3	6.4
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
%%cve:2023-21718%%	No	No	–	–	Critical	7.8	6.8
Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability
%%cve:2023-21568%%	No	No	–	–	Important	7.3	6.4
Microsoft SQL Server Remote Code Execution Vulnerability
%%cve:2023-21528%%	No	No	More Likely	Less Likely	Important	7.8	6.8
%%cve:2023-21705%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21713%%	No	No	–	–	Important	8.8	7.7
Microsoft SharePoint Server Elevation of Privilege Vulnerability
%%cve:2023-21717%%	No	No	–	–	Important	8.8	7.7
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
%%cve:2023-21799%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21685%%	No	No	–	–	Important	8.8	7.7
%%cve:2023-21686%%	No	No	–	–	Important	8.8	7.7
Microsoft Word Remote Code Execution Vulnerability
%%cve:2023-21716%%	No	No	–	–	Critical	9.8	8.5
NT OS Kernel Elevation of Privilege Vulnerability
%%cve:2023-21688%%	No	No	–	–	Important	7.8	6.8
Power BI Report Server Spoofing Vulnerability
%%cve:2023-21806%%	No	No	–	–	Important	8.2	7.1
Print 3D Remote Code Execution Vulnerability
%%cve:2023-23378%%	No	No	–	–	Important	7.8	7.1
Visual Studio Denial of Service Vulnerability
%%cve:2023-21567%%	No	No	More Likely	Less Likely	Important	5.6	5.1
Visual Studio Elevation of Privilege Vulnerability
%%cve:2023-21566%%	No	No	Less Likely	Less Likely	Important	7.8	6.8
Visual Studio Remote Code Execution Vulnerability
%%cve:2023-21815%%	No	No	–	–	Critical	8.4	7.3
%%cve:2023-23381%%	No	No	–	–	Critical	8.4	7.3
Windows Active Directory Domain Services API Denial of Service Vulnerability
%%cve:2023-21816%%	No	No	–	–	Important	7.5	6.5
Windows Common Log File System Driver Elevation of Privilege Vulnerability
%%cve:2023-21812%%	No	No	–	–	Important	7.8	6.8
%%cve:2023-23376%%	No	Yes	–	–	Important	7.8	6.8
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
%%cve:2023-21820%%	No	No	–	–	Important	7.4	6.4
Windows Fax Service Remote Code Execution Vulnerability
%%cve:2023-21694%%	No	No	–	–	Important	6.8	5.9
Windows Graphics Component Elevation of Privilege Vulnerability
%%cve:2023-21804%%	No	No	–	–	Important	7.8	6.8
%%cve:2023-21822%%	No	No	–	–	Important	7.8	6.8
Windows Graphics Component Remote Code Execution Vulnerability
%%cve:2023-21823%%	No	Yes	–	–	Important	7.8	7.5
Windows Installer Elevation of Privilege Vulnerability
%%cve:2023-21800%%	No	No	–	–	Important	7.8	6.8
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
%%cve:2023-21697%%	No	No	–	–	Important	6.2	5.4
%%cve:2023-21699%%	No	No	–	–	Important	5.3	4.6
Windows Kerberos Elevation of Privilege Vulnerability
%%cve:2023-21817%%	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows MSHTML Platform Remote Code Execution Vulnerability
%%cve:2023-21805%%	No	No	–	–	Important	7.8	6.8
Windows Media Remote Code Execution Vulnerability
%%cve:2023-21802%%	No	No	–	–	Important	7.8	6.8
Windows Secure Channel Denial of Service Vulnerability
%%cve:2023-21813%%	No	No	Less Likely	Less Likely	Important	7.5	6.5
%%cve:2023-21818%%	No	No	More Likely	More Likely	Important	7.5	6.5
%%cve:2023-21819%%	No	No	–	–	Important	7.5	6.5
Windows iSCSI Discovery Service Denial of Service Vulnerability
%%cve:2023-21700%%	No	No	–	–	Important	7.5	6.5
Windows iSCSI Discovery Service Remote Code Execution Vulnerability
%%cve:2023-21803%%	No	No	–	–	Critical	9.8	8.5
Windows iSCSI Service Denial of Service Vulnerability
%%cve:2023-21811%%	No	No	–	–	Important	7.5	6.5
%%cve:2023-21702%%	No	No	–	–	Important	7.5	6.5

—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.

Cyber Safe NV

Microsoft February 2023 Patch Tuesday, (Tue, Feb 14th)

Related Posts

Alex Post