Table of Contents
  • Home
  • /
  • Blog
  • /
  • Breaking Down the Latest February 2023 Patch Tuesday Report
January 5, 2024
|
10m

Breaking Down the Latest February 2023 Patch Tuesday Report


Breaking Down The Latest February 2023 Patch Tuesday Report

Patch Tuesday refers to a day on which Microsoft rolls out Security Patches for the Vulnerability once a month “Patch Tuesday” instead of releasing patches independently for the flaws. The day usually falls on the second Tuesday of each month. On the day, Microsoft releases patches or security updates for the Windows operating system and other Microsoft software applications, including Microsoft Office. Considering its importance, we have decided to publish a monthly breakdown of the Microsoft Patch Tuesday report on thesecmaster.com. We are going to cover the February 2023 Patch Tuesday this time, and going forward. You are going to see the same report for upcoming months on this website.

Microsoft Patch Tuesday February 2023 Report Summary:

Microsoft released the February 2023 Patch Tuesday on 14th Feb. Let’s see the summary of the report:

  • The update addresses 77 vulnerabilities, 9 are classified as critical, and 68 are classified as important.

  • The February 2023 update includes fixes for three zero-day vulnerabilities, which are exploited in the wild.

  • Out of 9 Critical vulnerabilities, 8 are Remote Code Execution vulnerabilities, and one is Privilege Escalation.

  • The products covered in the February security update include Microsoft Windows, Office, Azure, Microsoft System Center, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Visual Studio, Microsoft Edge, and many Developer Tools.

  • The update also includes non-security updates for Windows 10 and Windows Server 2016/2019.

source: SYXSENSE

Vulnerabilities by Category:

Vulnerability TypeQuantitySeverities
Remote Code Execution Vulnerability 38 Important: 29Critical: 9 
Elevation of Privilege Vulnerability 12Important: 12
Denial of Service Vulnerability 10Important: 10
Information Disclosure Vulnerability 8Important: 8
Spoofing Vulnerability 8Important: 8
Security Feature Bypass Vulnerability 2Important: 2

All 77 vulnerabilities are categorized into 6 vulnerabilities. Remote Code Execution is found to be the most prevalent in the list, and Security Feature Bypass Vulnerability is the less. The above table shows there are 38 occurrences of RCE vulnerability, of which 9 are classified as Critical, and the remaining 28 are Important in severity. Please refer to the table that shows the vulnerabilities by categories.

List of Zero-Day Vulnerabilities Patched in February 2023 Patch Tuesday:

The term “zero-day” refers to the fact that developers have zero days to fix the issue before attackers can take advantage of it. These are considered the most dangerous since they are set to exploit before patches are released. Microsoft announced that it had fixed three such zero-day vulnerabilities that are being exploited in the wild.

CVE IDVulnerable Product/ApplicationVulnerability Type
CVE-2023-21823Windows Graphics ComponentRemote Code Execution
CVE-2023-21715Microsoft PublisherSecurity Features Bypass
CVE-2023-23376Windows Common Log File System DriverElevation of Privilege

List of Critical Vulnerabilities Patched in February 2023 Patch Tuesday:

The severity of the identified vulnerabilities is measured in the CVSS score. CVSS is a scale measured from 0 to 10 where 0 is the least severe and 10 is the most severe Vulnerability. All the vulnerabilities are assigned a CVSS number between 0.0 to 10.10 depending on several factors, including the attack vector, the attack complexity, and the impact on confidentiality, integrity, and availability. The vulnerabilities assigned the CVSS score between 0 to 4 are labeled ‘Low’ severity. The vulnerabilities assigned the CVSS score between 4 to 7 are labeled ‘Medium’ severity. Similarly, the vulnerabilities assigned a CVSS score between 7 to 8 are labeled ‘High’ severity, and the CVSS score between 9 to 10 is ‘Critical’ in severity.

The below table lists the vulnerabilities considered Critical in severity.

CVE IDVulnerable Product/ApplicationVulnerability Type
CVE-2023-21808.NET 6.0Elevation of Privilege
CVE-2023-23381Microsoft Visual Studio 2017 version 15.9Remote Code Execution
CVE-2023-21808Microsoft Visual Studio 2017 version 15.9Elevation of Privilege
CVE-2023-21815Microsoft Visual Studio 2017 version 15.9Remote Code Execution
CVE-2023-21692Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code Execution
CVE-2023-21718Microsoft SQL Server 2019 for x64-based Systems (CU 18)Remote Code Execution
CVE-2023-21716Microsoft Word 2013 Service Pack 1 (64-bit editions)Remote Code Execution
CVE-2023-21803Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code Execution
CVE-2023-21690Windows Server 2012 R2 (Server Core installation)Remote Code Execution
CVE-2023-21689Windows Server 2012 R2 (Server Core installation)Remote Code Execution

Comprehensive List of Vulnerabilities Patched in February 2023 Patch Tuesday Are:

We have segregated the list into multiple lists by the Applications. You can download the list from the official Microsoft security updates sheet from here

Apps vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-23378Print 3D Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-233773D Builder Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-233903D Builder Remote Code Execution VulnerabilityNoNo7.8
Azure vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21777Azure App Service on Azure Stack Hub Elevation of Privilege VulnerabilityNoNo8.7
CVE-2023-21564Azure DevOps Server Cross-Site Scripting VulnerabilityNoNo7.1
CVE-2023-23382Azure Machine Learning Compute Instance Information Disclosure VulnerabilityNoNo6.5
CVE-2023-21703Azure Data Box Gateway Remote Code Execution VulnerabilityNoNo6.5
Browser vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-23374Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityNoNo8.3
CVE-2023-21720Microsoft Edge (Chromium-based) Tampering VulnerabilityNoNo5.3
CVE-2023-21794Microsoft Edge (Chromium-based) Spoofing VulnerabilityNoNo4.3
Developer Tools vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21815Visual Studio Remote Code Execution VulnerabilityNoNo8.4
CVE-2023-23381Visual Studio Remote Code Execution VulnerabilityNoNo8.4
CVE-2023-21808.NET and Visual Studio Remote Code Execution VulnerabilityNoNo8.4
CVE-2023-21566Visual Studio Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-21553Azure DevOps Server Remote Code Execution VulnerabilityNoNo7.5
CVE-2023-21567Visual Studio Denial of Service VulnerabilityNoNo5.6
CVE-2023-21722.NET Framework Denial of Service VulnerabilityNoNo4.4
Device vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2019-15126MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN deviceNoNoN/A
ESU vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21800Windows Installer Elevation of Privilege VulnerabilityNoNo7.8
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21823Windows Graphics Component Remote Code Execution VulnerabilityYesNo7.8
ESU Windows vulnerabilities
CVE-2023-21803Windows iSCSI Discovery Service Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-21689Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-21690Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-21692Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-21799Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21685Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21686Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21684Microsoft PostScript Printer Driver Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21797Microsoft ODBC Driver Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21798Microsoft ODBC Driver Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21802Windows Media Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21805Windows MSHTML Platform Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21817Windows Kerberos Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-21822Windows Graphics Component Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-21812Windows Common Log File System Driver Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-23376Windows Common Log File System Driver Elevation of Privilege VulnerabilityYesNo7.8
CVE-2023-21688NT OS Kernel Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-21801Microsoft PostScript Printer Driver Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21811Windows iSCSI Service Denial of Service VulnerabilityNoNo7.5
CVE-2023-21702Windows iSCSI Service Denial of Service VulnerabilityNoNo7.5
CVE-2023-21700Windows iSCSI Discovery Service Denial of Service VulnerabilityNoNo7.5
CVE-2023-21813Windows Secure Channel Denial of Service VulnerabilityNoNo7.5
CVE-2023-21818Windows Secure Channel Denial of Service VulnerabilityNoNo7.5
CVE-2023-21816Windows Active Directory Domain Services API Denial of Service VulnerabilityNoNo7.5
CVE-2023-21695Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityNoNo7.5
CVE-2023-21691Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure VulnerabilityNoNo7.5
CVE-2023-21701Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service VulnerabilityNoNo7.5
CVE-2023-21820Windows Distributed File System (DFS) Remote Code Execution VulnerabilityNoNo7.4
CVE-2023-21694Windows Fax Service Remote Code Execution VulnerabilityNoNo6.8
CVE-2023-21697Windows Internet Storage Name Service (iSNS) Server Information Disclosure VulnerabilityNoNo6.2
CVE-2023-21693Microsoft PostScript Printer Driver Information Disclosure VulnerabilityNoNo5.7
CVE-2023-21699Windows Internet Storage Name Service (iSNS) Server Information Disclosure VulnerabilityNoNo5.3
Exchange Server vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21706Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21707Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21529Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21710Microsoft Exchange Server Remote Code Execution VulnerabilityNoNo7.2
Microsoft Dynamics vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21778Microsoft Dynamics Unified Service Desk Remote Code Execution VulnerabilityNoNo8.3
CVE-2023-21572Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoNo6.5
CVE-2023-21807Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoNo5.8
CVE-2023-21570Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoNo5.4
CVE-2023-21571Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoNo5.4
CVE-2023-21573Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoNo5.4
Microsoft Office vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21716Microsoft Word Remote Code Execution VulnerabilityNoNo9.8
CVE-2023-21717Microsoft SharePoint Server Elevation of Privilege VulnerabilityNoNo8.8
CVE-2023-21715Microsoft Publisher Security Features Bypass VulnerabilityYesNo7.3
CVE-2023-21721Microsoft OneNote Spoofing VulnerabilityNoNo6.5
CVE-2023-21714Microsoft Office Information Disclosure VulnerabilityNoNo5.5
SQL Server vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21705Microsoft SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21713Microsoft SQL Server Remote Code Execution VulnerabilityNoNo8.8
CVE-2023-21806Power BI Report Server Spoofing VulnerabilityNoNo8.2
CVE-2023-21528Microsoft SQL Server Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21718Microsoft SQL ODBC Driver Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21704Microsoft ODBC Driver for SQL Server Remote Code Execution VulnerabilityNoNo7.8
CVE-2023-21568Microsoft SQL Server Integration Service (VS extension) Remote Code Execution VulnerabilityNoNo7.3
System Center vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21809Microsoft Defender for Endpoint Security Feature Bypass VulnerabilityNoNo7.8
CVE-2023-23379Microsoft Defender for IoT Elevation of Privilege VulnerabilityNoNo6.4
Windows vulnerabilities
CVETitleExploited?Publicly disclosed?CVSSv3 base score
CVE-2023-21804Windows Graphics Component Elevation of Privilege VulnerabilityNoNo7.8
CVE-2023-21819Windows Secure Channel Denial of Service VulnerabilityNoNo7.5
CVE-2023-21687HTTP.sys Information Disclosure VulnerabilityNoNo5.5

We hope this post would help you know about the February 2023 Patch Tuesday report published by Microsoft on 14th February 2023. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr,  Medium & Instagram and subscribe to receive updates like this. 

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe