Table of Contents
  • Home
    • /
  • Blog
    • /
  • Breaking Down the Latest April 2023 Patch Tuesday Report
Arun KL
April 13, 2023
|
12m

Breaking Down the Latest April 2023 Patch Tuesday Report

Application Security |

Application/Appliance |

Cloud & OS Platforms |

Cyber Security |

InfoSec |

Threats & Vulnerabilities |

Vulnerabilities |

Windows

Breaking Down The Latest April 2023 Patch Tuesday Report

Microsoft releases security updates every month to address vulnerabilities in its software products. These updates are critical to ensuring the security of computer systems and networks. The April 2023 Patch Tuesday Report is important as it fixes various security vulnerabilities discovered in Microsoft’s software products. 

This blog will provide an overview of the latest April 2023 Patch Tuesday report, highlighting the significant vulnerabilities and their severity levels.

Microsoft Patch Tuesday April 2023 Report Summary

Microsoft released the April 2023 Patch Tuesday. Let’s see the summary of the report:

  • The update addresses 114 vulnerabilities, 7 are classified as critical, and 90 are classified as important.

  • The April 2023 update includes fixes for one zero-day vulnerabilities, which are exploited in the wild.

  • All 9 Critical vulnerabilities are Remote Code Execution vulnerabilities. 

  • The products covered in the April security update include Microsoft Office and Components, Microsoft Dynamics 365 Customer Voice, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows Lock Screen, Windows Netlogon, Windows Secure Socket Tunneling Protocol (SSTP), Windows Transport Security Layer (TLS), Windows Win32K, and more.

Vulnerabilities by Category

The April 2023 Microsoft vulnerabilities are classified as follows: 

Vulnerability Type Quantity Severities 
Spoofing Vulnerability6Important: 3
Denial of Service Vulnerability9Important: 9
Elevation of Privilege Vulnerability20Important: 20
Information Disclosure Vulnerability10Important: 9
Remote Code Execution Vulnerability45Important: 38 Critical: 7
Security Feature Bypass Vulnerability8Important: 7
Microsoft Edge (Chromium-based)15

The list of 114 vulnerabilities has been classified into six different categories. Remote Code Execution (RCE) vulnerability has been identified as the most common, while Security Feature Bypass Vulnerability is the least frequent. The data presented in the table reveals that RCE vulnerability has occurred 45 times, with 7 of them categorized as Critical and the remaining 38 as Important in terms of severity. Please refer to the table above for a comprehensive view of the vulnerabilities based on their categories. 

List of Zero-Day Vulnerabilities Patched in April 2023 Patch Tuesday

Zero-day vulnerabilities are particularly dangerous as they give developers no time to create patches before attackers can exploit them. These vulnerabilities are especially concerning as they can be exploited before patches are released. Microsoft recently addressed one zero-day vulnerability that attackers were already exploiting.

CVE IDVulnerable Product/ApplicationVulnerability Type
CVE-2023-28252Windows Common Log File System DriverElevation of Privilege

Windows Common Log File System Driver Elevation of Privilege Vulnerability- CVE-2023-28252

Attackers can exploit CVE-2023-28252 in a low-complexity attack. A successful exploit of the flaw grants the attacker full SYSTEM privileges, and cyber criminals are currently using it to spread Nokoyawa Ransomware. 

Although the threat actors behind this attack have not been identified, the ransomware is already affecting organizations in various world regions, including South and North America, Asia, and the Middle East. 

The Cybersecurity and Infrastructure Security Agency (CISA) has also added this vulnerability to its Known Exploitable Vulnerabilities Catalog, indicating the severity of the issue.

List of Critical Vulnerabilities Patched in April 2023 Patch Tuesday

The list of all 7 critical vulnerabilities patched in April 2023 Patch Tuesday are as follows: 

CVE ID Vulnerable Product/ApplicationVulnerability Type
CVE-2023-21554Microsoft Message QueuingRemote Code Execution Vulnerability 
CVE-2023-28219 Windows Layer 2 Tunneling ProtocolRemote Code Execution Vulnerability
CVE-2023-28220Windows Layer 2 Tunneling ProtocolRemote Code Execution Vulnerability
CVE-2023-28231Windows DHCP ServerRemote Code Execution Vulnerability
CVE-2023-28232Windows Point-to-Point Tunneling ProtocolRemote Code Execution Vulnerability
CVE-2023-28250Windows PGMRemote Code Execution Vulnerability
CVE-2023-28291Windows Raw Image ExtensionRemote Code Execution Vulnerability

Complete List of Vulnerabilities Patched in April 2023 Patch Tuesday Are:

If you want to download the complete list of vulnerabilities patched in April 2023 Patch Tuesday, you can do it from here. 

CVE ID Severity CVE Title Tag 
CVE-2023-28260Important.NET DLL Hijacking Remote Code Execution Vulnerability.NET Core
CVE-2023-28312ImportantAzure Machine Learning Information Disclosure VulnerabilityAzure Machine Learning
CVE-2023-28300ImportantAzure Machine Learning Information Disclosure VulnerabilityAzure Service Connector
CVE-2023-28227ImportantWindows Bluetooth Driver Remote Code Execution VulnerabilityMicrosoft Bluetooth Driver
CVE-2023-24860ImportantMicrosoft Defender Denial of Service VulnerabilityMicrosoft Defender for Endpoint
CVE-2023-28314ImportantMicrosoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityMicrosoft Dynamics
CVE-2023-28309ImportantMicrosoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityMicrosoft Dynamics
CVE-2023-28313ImportantMicrosoft Dynamics 365 Customer Voice Cross-Site Scripting VulnerabilityMicrosoft Dynamics 365 Customer Voice
CVE-2023-28284ModerateMicrosoft Edge (Chromium-based) Security Feature Bypass VulnerabilityMicrosoft Edge (Chromium-based)
CVE-2023-1823UnknownChromium: CVE-2023-1823 Inappropriate implementation in FedCMMicrosoft Edge (Chromium-based)
CVE-2023-28301LowMicrosoft Edge (Chromium-based) Tampering VulnerabilityMicrosoft Edge (Chromium-based)
CVE-2023-1810UnknownChromium: CVE-2023-1810 Heap buffer overflow in VisualsMicrosoft Edge (Chromium-based)
CVE-2023-24935Low Microsoft Edge (Chromium-based) Spoofing VulnerabilityMicrosoft Edge (Chromium-based)
CVE-2023-1819UnknownChromium: CVE-2023-1819 Out of bounds read in AccessibilityMicrosoft Edge (Chromium-based)
CVE-2023-1818UnknownChromium: CVE-2023-1818 Use after free in VulkanMicrosoft Edge (Chromium-based)
CVE-2023-1814UnknownChromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe BrowsingMicrosoft Edge (Chromium-based)
CVE-2023-1821UnknownChromium: CVE-2023-1821 Inappropriate implementation in WebShareMicrosoft Edge (Chromium-based)
CVE-2023-1811UnknownChromium: CVE-2023-1811 Use after free in FramesMicrosoft Edge (Chromium-based)
CVE-2023-1820UnknownChromium: CVE-2023-1820 Heap buffer overflow in Browser HistoryMicrosoft Edge (Chromium-based)
CVE-2023-1816UnknownChromium: CVE-2023-1816 Incorrect security UI in Picture In PictureMicrosoft Edge (Chromium-based)
CVE-2023-1815UnknownChromium: CVE-2023-1815 Use after free in Networking APIsMicrosoft Edge (Chromium-based)
CVE-2023-1822UnknownChromium: CVE-2023-1822 Incorrect security UI in NavigationMicrosoft Edge (Chromium-based)
CVE-2023-1813UnknownChromium: CVE-2023-1813 Inappropriate implementation in ExtensionsMicrosoft Edge (Chromium-based)
CVE-2023-1812UnknownChromium: CVE-2023-1812 Out of bounds memory access in DOM BindingsMicrosoft Edge (Chromium-based)
CVE-2023-1817UnknownChromium: CVE-2023-1817 Insufficient policy enforcement in IntentsMicrosoft Edge (Chromium-based)
CVE-2023-24912ImportantWindows Graphics Component Elevation of Privilege VulnerabilityMicrosoft Graphics Component
CVE-2023-21769ImportantMicrosoft Message Queuing Denial of Service VulnerabilityMicrosoft Message Queuing
CVE-2023-21554Critical Microsoft Message Queuing Remote Code Execution VulnerabilityMicrosoft Message Queuing
CVE-2023-28285ImportantMicrosoft Office Graphics Remote Code Execution VulnerabilityMicrosoft Office
CVE-2023-28295ImportantMicrosoft Publisher Remote Code Execution VulnerabilityMicrosoft Office Publisher
CVE-2023-28287ImportantMicrosoft Publisher Remote Code Execution VulnerabilityMicrosoft Office Publisher
CVE-2023-28288ImportantMicrosoft SharePoint Server Spoofing VulnerabilityMicrosoft Office SharePoint
CVE-2023-28311ImportantMicrosoft Word Remote Code Execution VulnerabilityMicrosoft Office Word
CVE-2023-28243ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft PostScript Printer Driver
CVE-2023-24883ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24927ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24925ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24924ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24885ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24928ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24884ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24926ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24929ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24887ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-24886ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft Printer Drivers
CVE-2023-28275ImportantMicrosoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityMicrosoft WDAC OLE DB provider for SQL
CVE-2023-28256ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28278ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28307ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28306ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28223ImportantWindows Domain Name Service Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28254ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28305ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28308ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28255ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-28277ImportantWindows DNS Server Remote Code Execution VulnerabilityMicrosoft Windows DNS
CVE-2023-23384ImportantWindows DNS Server Remote Code Execution VulnerabilitySQL Server
CVE-2023-23375ImportantMicrosoft SQL Server Remote Code Execution VulnerabilitySQL Server
CVE-2023-28304ImportantMicrosoft ODBC and OLE DB Remote Code Execution VulnerabilitySQL Server
CVE-2023-28299ImportantMicrosoft ODBC and OLE DB Remote Code Execution VulnerabilityVisual Studio
CVE-2023-28262ImportantVisual Studio Spoofing VulnerabilityVisual Studio
CVE-2023-28263ImportantVisual Studio Elevation of Privilege VulnerabilityVisual Studio
CVE-2023-28296ImportantVisual Studio Elevation of Privilege VulnerabilityVisual Studio
CVE-2023-24893ImportantVisual Studio Elevation of Privilege VulnerabilityVisual Studio Code 
CVE-2023-28302ImportantVisual Studio Code Remote Code Execution VulnerabilityWindows Active Directory
CVE-2023-28236ImportantMicrosoft Message Queuing Denial of Service VulnerabilityWindows ALPC
CVE-2023-28216ImportantWindows Kernel Elevation of Privilege VulnerabilityWindows ALPC
CVE-2023-28218ImportantWindows Advanced Local Procedure Call (ALPC) Elevation of Privilege VulnerabilityWindows Ancillary Function Driver for WinSock
CVE-2023-28269ImportantWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityWindows Boot Manager
CVE-2023-28249ImportantWindows Boot Manager Security Feature Bypass VulnerabilityWindows Boot Manager
CVE-2023-28273ImportantWindows Boot Manager Security Feature Bypass VulnerabilityWindows Clip Service
CVE-2023-28229ImportantWindows Clip Service Elevation of Privilege VulnerabilityWindows CNG Key Isolation Service
CVE-2023-28266ImportantWindows CNG Key Isolation Service Elevation of Privilege VulnerabilityWindows Common Log File System Driver
CVE-2023-28252ImportantWindows Common Log File System Driver Information Disclosure VulnerabilityWindows Common Log File System Driver
CVE-2023-28231Critical Windows Common Log File System Driver Elevation of Privilege VulnerabilityWindows DHCP Server
CVE-2023-28226ImportantDHCP Server Service Remote Code Execution VulnerabilityWindows Enroll Engine
CVE-2023-28221ImportantWindows Enroll Engine Security Feature Bypass VulnerabilityWindows Error Reporting
CVE-2023-28276ImportantWindows Error Reporting Service Elevation of Privilege VulnerabilityWindows Group Policy
CVE-2023-28238ImportantWindows Group Policy Security Feature Bypass VulnerabilityWindows Internet Key Exchange (IKE) Protocol
CVE-2023-28244ImportantWindows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution VulnerabilityWindows Kerberos
CVE-2023-28271ImportantWindows Kerberos Elevation of Privilege VulnerabilityWindows Kernel
CVE-2023-28248ImportantWindows Kernel Memory Information Disclosure VulnerabilityWindows Kernel
CVE-2023-28222ImportantWindows Kernel Elevation of Privilege VulnerabilityWindows Kernel
CVE-2023-28272ImportantWindows Kernel Elevation of Privilege VulnerabilityWindows Kernel
CVE-2023-28293ImportantWindows Kernel Elevation of Privilege VulnerabilityWindows Kernel
CVE-2023-28253ImportantWindows Kernel Elevation of Privilege VulnerabilityWindows Kernel
CVE-2023-28237ImportantWindows Kernel Remote Code Execution VulnerabilityWindows Kernel
CVE-2023-28298ImportantWindows Kernel Denial of Service VulnerabilityWindows Kernel
CVE-2023-28219Critical Layer 2 Tunneling Protocol Remote Code Execution VulnerabilityWindows Layer 2 Tunneling Protocol
CVE-2023-28220Critical Layer 2 Tunneling Protocol Remote Code Execution VulnerabilityWindows Layer 2 Tunneling Protocol
CVE-2023-28270ImportantWindows Lock Screen Security Feature Bypass VulnerabilityWindows Lock Screen
CVE-2023-28235ImportantWindows Lock Screen Security Feature Bypass VulnerabilityWindows Lock Screen
CVE-2023-28268ImportantNetlogon RPC Elevation of Privilege VulnerabilityWindows Netlogon
CVE-2023-28217ImportantWindows Network Address Translation (NAT) Denial of Service VulnerabilityWindows Network Address Translation (NAT)
CVE-2023-28247ImportantWindows Network File System Information Disclosure VulnerabilityWindows Network File System
CVE-2023-28240ImportantWindows Network Load Balancing Remote Code Execution VulnerabilityWindows Network Load Balancing
CVE-2023-28225ImportantWindows NTLM Elevation of Privilege VulnerabilityWindows NTLM
CVE-2023-28250Critical Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityWindows PGM
CVE-2023-28224Important Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution VulnerabilityWindows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-28232Critical Windows Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityWindows Point-to-Point Tunneling Protocol
CVE-2023-28291Critical Raw Image Extension Remote Code Execution VulnerabilityWindows Raw Image Extension
CVE-2023-28292ImportantRaw Image Extension Remote Code Execution VulnerabilityWindows Raw Image Extension
CVE-2023-28228ImportantWindows Spoofing VulnerabilityWindows RDP Client
CVE-2023-28267ImportantRemote Desktop Protocol Client Information Disclosure VulnerabilityWindows RDP Client
CVE-2023-28246ImportantWindows Registry Elevation of Privilege VulnerabilityWindows Registry
CVE-2023-21729ImportantRemote Procedure Call Runtime Information Disclosure VulnerabilityWindows RPC API
CVE-2023-21727ImportantRemote Procedure Call Runtime Remote Code Execution VulnerabilityWindows RPC API
CVE-2023-28297ImportantWindows Remote Procedure Call Service (RPCSS) Elevation of Privilege VulnerabilityWindows RPC API
CVE-2023-24931ImportantWindows Secure Channel Denial of Service VulnerabilityWindows Secure Channel
CVE-2023-28233ImportantWindows Secure Channel Denial of Service VulnerabilityWindows Secure Channel
CVE-2023-28241ImportantWindows Secure Socket Tunneling Protocol (SSTP) Denial of Service VulnerabilityWindows Secure Socket Tunneling Protocol (SSTP)
CVE-2023-28234ImportantWindows Secure Channel Denial of Service VulnerabilityWindows Transport Security Layer (TLS)
CVE-2023-28274ImportantWindows Win32k Elevation of Privilege VulnerabilityWindows Win32K
CVE-2023-24914ImportantWin32k Elevation of Privilege VulnerabilityWindows Win32K

We hope this blog post has helped you understand the April 2023 Patch Tuesday release from Microsoft that addresses several important updates for Microsoft products, including Windows, Office, and Exchange Server. This monthly security update is essential for addressing various security vulnerabilities and enhancing the overall security of systems. 

You should prioritize applying the patches as soon as possible to mitigate the potential risks associated with these vulnerabilities. By staying up-to-date with the latest security patches and implementing proactive security measures, you can better protect your systems against potential cyber threats and ensure the safety and integrity of the systems and data.

We hope this post would help you know about the April 2023 Patch Tuesday report published by Microsoft on 11th April 2023. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblrMedium and Instagram subscribe to receive updates like this. 

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Books

Books

Videos

Videos

Courses

Courses

Certifications

Certifications

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Cyber Security - Books

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe