Table of Contents
January 5, 2024
|10m
Breaking Down the Latest February 2023 Patch Tuesday Report
Patch Tuesday refers to a day on which Microsoft rolls out Security Patches for the Vulnerability once a month “Patch Tuesday” instead of releasing patches independently for the flaws. The day usually falls on the second Tuesday of each month. On the day, Microsoft releases patches or security updates for the Windows operating system and other Microsoft software applications, including Microsoft Office. Considering its importance, we have decided to publish a monthly breakdown of the Microsoft Patch Tuesday report on thesecmaster.com. We are going to cover the February 2023 Patch Tuesday this time, and going forward. You are going to see the same report for upcoming months on this website.
Microsoft Patch Tuesday February 2023 Report Summary:
Microsoft released the February 2023 Patch Tuesday on 14th Feb. Let’s see the summary of the report:
The update addresses 77 vulnerabilities, 9 are classified as critical, and 68 are classified as important.
The February 2023 update includes fixes for three zero-day vulnerabilities, which are exploited in the wild.
Out of 9 Critical vulnerabilities, 8 are Remote Code Execution vulnerabilities, and one is Privilege Escalation.
The products covered in the February security update include Microsoft Windows, Office, Azure, Microsoft System Center, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Visual Studio, Microsoft Edge, and many Developer Tools.
The update also includes non-security updates for Windows 10 and Windows Server 2016/2019.
source: SYXSENSE
Vulnerabilities by Category:
| Vulnerability Type | Quantity | Severities |
| Remote Code Execution Vulnerability | 38 | Important: 29Critical: 9 |
| Elevation of Privilege Vulnerability | 12 | Important: 12 |
| Denial of Service Vulnerability | 10 | Important: 10 |
| Information Disclosure Vulnerability | 8 | Important: 8 |
| Spoofing Vulnerability | 8 | Important: 8 |
| Security Feature Bypass Vulnerability | 2 | Important: 2 |
All 77 vulnerabilities are categorized into 6 vulnerabilities. Remote Code Execution is found to be the most prevalent in the list, and Security Feature Bypass Vulnerability is the less. The above table shows there are 38 occurrences of RCE vulnerability, of which 9 are classified as Critical, and the remaining 28 are Important in severity. Please refer to the table that shows the vulnerabilities by categories.
List of Zero-Day Vulnerabilities Patched in February 2023 Patch Tuesday:
The term “zero-day” refers to the fact that developers have zero days to fix the issue before attackers can take advantage of it. These are considered the most dangerous since they are set to exploit before patches are released. Microsoft announced that it had fixed three such zero-day vulnerabilities that are being exploited in the wild.
| CVE ID | Vulnerable Product/Application | Vulnerability Type |
|---|---|---|
| CVE-2023-21823 | Windows Graphics Component | Remote Code Execution |
| CVE-2023-21715 | Microsoft Publisher | Security Features Bypass |
| CVE-2023-23376 | Windows Common Log File System Driver | Elevation of Privilege |
List of Critical Vulnerabilities Patched in February 2023 Patch Tuesday:
The severity of the identified vulnerabilities is measured in the CVSS score. CVSS is a scale measured from 0 to 10 where 0 is the least severe and 10 is the most severe Vulnerability. All the vulnerabilities are assigned a CVSS number between 0.0 to 10.10 depending on several factors, including the attack vector, the attack complexity, and the impact on confidentiality, integrity, and availability. The vulnerabilities assigned the CVSS score between 0 to 4 are labeled ‘Low’ severity. The vulnerabilities assigned the CVSS score between 4 to 7 are labeled ‘Medium’ severity. Similarly, the vulnerabilities assigned a CVSS score between 7 to 8 are labeled ‘High’ severity, and the CVSS score between 9 to 10 is ‘Critical’ in severity.
The below table lists the vulnerabilities considered Critical in severity.
| CVE ID | Vulnerable Product/Application | Vulnerability Type |
|---|---|---|
| CVE-2023-21808 | .NET 6.0 | Elevation of Privilege |
| CVE-2023-23381 | Microsoft Visual Studio 2017 version 15.9 | Remote Code Execution |
| CVE-2023-21808 | Microsoft Visual Studio 2017 version 15.9 | Elevation of Privilege |
| CVE-2023-21815 | Microsoft Visual Studio 2017 version 15.9 | Remote Code Execution |
| CVE-2023-21692 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Remote Code Execution |
| CVE-2023-21718 | Microsoft SQL Server 2019 for x64-based Systems (CU 18) | Remote Code Execution |
| CVE-2023-21716 | Microsoft Word 2013 Service Pack 1 (64-bit editions) | Remote Code Execution |
| CVE-2023-21803 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Remote Code Execution |
| CVE-2023-21690 | Windows Server 2012 R2 (Server Core installation) | Remote Code Execution |
| CVE-2023-21689 | Windows Server 2012 R2 (Server Core installation) | Remote Code Execution |
Comprehensive List of Vulnerabilities Patched in February 2023 Patch Tuesday Are:
We have segregated the list into multiple lists by the Applications. You can download the list from the official Microsoft security updates sheet from here.
Apps vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-23378 | Print 3D Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-23377 | 3D Builder Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-23390 | 3D Builder Remote Code Execution Vulnerability | No | No | 7.8 |
Azure vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21777 | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | No | No | 8.7 |
| CVE-2023-21564 | Azure DevOps Server Cross-Site Scripting Vulnerability | No | No | 7.1 |
| CVE-2023-23382 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability | No | No | 6.5 |
| CVE-2023-21703 | Azure Data Box Gateway Remote Code Execution Vulnerability | No | No | 6.5 |
Browser vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-23374 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 8.3 |
| CVE-2023-21720 | Microsoft Edge (Chromium-based) Tampering Vulnerability | No | No | 5.3 |
| CVE-2023-21794 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | No | No | 4.3 |
Developer Tools vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21815 | Visual Studio Remote Code Execution Vulnerability | No | No | 8.4 |
| CVE-2023-23381 | Visual Studio Remote Code Execution Vulnerability | No | No | 8.4 |
| CVE-2023-21808 | .NET and Visual Studio Remote Code Execution Vulnerability | No | No | 8.4 |
| CVE-2023-21566 | Visual Studio Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-21553 | Azure DevOps Server Remote Code Execution Vulnerability | No | No | 7.5 |
| CVE-2023-21567 | Visual Studio Denial of Service Vulnerability | No | No | 5.6 |
| CVE-2023-21722 | .NET Framework Denial of Service Vulnerability | No | No | 4.4 |
Device vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2019-15126 | MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device | No | No | N/A |
ESU vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21800 | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21823 | Windows Graphics Component Remote Code Execution Vulnerability | Yes | No | 7.8 |
ESU Windows vulnerabilities
| CVE-2023-21803 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability | No | No | 9.8 |
| CVE-2023-21689 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | No | No | 9.8 |
| CVE-2023-21690 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | No | No | 9.8 |
| CVE-2023-21692 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | No | No | 9.8 |
| CVE-2023-21799 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21685 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21686 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21684 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21797 | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21798 | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21802 | Windows Media Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21805 | Windows MSHTML Platform Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21817 | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-21822 | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-21812 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-23376 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Yes | No | 7.8 |
| CVE-2023-21688 | NT OS Kernel Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-21801 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21811 | Windows iSCSI Service Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21702 | Windows iSCSI Service Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21700 | Windows iSCSI Discovery Service Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21813 | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21818 | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21816 | Windows Active Directory Domain Services API Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21695 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | No | No | 7.5 |
| CVE-2023-21691 | Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability | No | No | 7.5 |
| CVE-2023-21701 | Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21820 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | No | No | 7.4 |
| CVE-2023-21694 | Windows Fax Service Remote Code Execution Vulnerability | No | No | 6.8 |
| CVE-2023-21697 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | No | No | 6.2 |
| CVE-2023-21693 | Microsoft PostScript Printer Driver Information Disclosure Vulnerability | No | No | 5.7 |
| CVE-2023-21699 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | No | No | 5.3 |
Exchange Server vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21529 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21710 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 7.2 |
Microsoft Dynamics vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21778 | Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability | No | No | 8.3 |
| CVE-2023-21572 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 6.5 |
| CVE-2023-21807 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 5.8 |
| CVE-2023-21570 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 5.4 |
| CVE-2023-21571 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 5.4 |
| CVE-2023-21573 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 5.4 |
Microsoft Office vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21716 | Microsoft Word Remote Code Execution Vulnerability | No | No | 9.8 |
| CVE-2023-21717 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | No | No | 8.8 |
| CVE-2023-21715 | Microsoft Publisher Security Features Bypass Vulnerability | Yes | No | 7.3 |
| CVE-2023-21721 | Microsoft OneNote Spoofing Vulnerability | No | No | 6.5 |
| CVE-2023-21714 | Microsoft Office Information Disclosure Vulnerability | No | No | 5.5 |
SQL Server vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability | No | No | 8.8 |
| CVE-2023-21806 | Power BI Report Server Spoofing Vulnerability | No | No | 8.2 |
| CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21718 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | No | No | 7.8 |
| CVE-2023-21568 | Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability | No | No | 7.3 |
System Center vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21809 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | No | No | 7.8 |
| CVE-2023-23379 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | No | No | 6.4 |
Windows vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score |
|---|---|---|---|---|
| CVE-2023-21804 | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 |
| CVE-2023-21819 | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 |
| CVE-2023-21687 | HTTP.sys Information Disclosure Vulnerability | No | No | 5.5 |
We hope this post would help you know about the February 2023 Patch Tuesday report published by Microsoft on 14th February 2023. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram and subscribe to receive updates like this.
You may also like these articles:
Arun KL
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
