Patch Tuesday Review – February 2023
Welcome to our summary of the first Patch Tuesday of the year (January 2023). We have tabulated the vulnerabilities that the latest patches from Microsoft address, so that you can easily export them for use in your vulnerability management program.
Prism users have already benefited from the platform’s Active Exploit Detection, which automatically alerts you to active exploits affecting issues within your estate.
Microsoft Patch Tuesday January 2023
Microsoft’s January 2023 Patch Tuesday announces fixes for 98 issues, including an actively exploited zero-day vulnerability. Prism has already alerted users whose estates contain these active exploits.
11 of the 98 vulnerabilities are rated Critical because they allow remote code execution, security feature bypass, or elevation of privilege.
This update contains 39 Elevation of Privilege Vulnerabilities, 4 Security Feature Bypass Vulnerabilities, 33 Remote Code Execution Vulnerabilities, 10 Information Disclosure Vulnerabilities, 10 Denial of Service Vulnerabilities, and 2 Spoofing Vulnerabilities.
One actively exploited zero-day fixed
The actively exploited and publicly disclosed zero-day vulnerability fixed in today’s updates is:
- CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
This is a sandbox escape vulnerability that can lead to elevation of privilege. An attacker who successfully exploits it could gain SYSTEM privileges.
CVE | Title | Impact | Severity |
---|---|---|---|
CVE-2023-21524 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21525 | Remote Procedure Call Runtime Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21527 | Windows iSCSI Service Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21531 | Azure Service Fabric Container Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21532 | Windows GDI Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21535 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21536 | Event Tracing for Windows Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21537 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21538 | .NET Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21539 | Windows Authentication Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21540 | Windows Cryptographic Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21541 | Windows Task Scheduler Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21542 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21543 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21546 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21547 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21548 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21549 | Windows SMB Witness Service Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21550 | Windows Cryptographic Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21551 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Elevation of Privilege | Critical |
CVE-2023-21552 | Windows GDI Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21555 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21556 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21557 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21558 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21559 | Windows Cryptographic Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21560 | Windows Boot Manager Security Feature Bypass Vulnerability | Security Feature Bypass | Important |
CVE-2023-21561 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Elevation of Privilege | Critical |
CVE-2023-21563 | BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass | Important |
CVE-2023-21674 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21675 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21676 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21677 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21678 | Windows Print Spooler Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21679 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Remote Code Execution | Critical |
CVE-2023-21680 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21681 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21682 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21683 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21724 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21725 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21726 | Windows Credential Manager User Interface Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21728 | Windows Netlogon Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21730 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Elevation of Privilege | Critical |
CVE-2023-21732 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21733 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21734 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21735 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21736 | Microsoft Office Visio Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21737 | Microsoft Office Visio Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21738 | Microsoft Office Visio Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21739 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21741 | Microsoft Office Visio Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21742 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21743 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Security Feature Bypass | Critical |
CVE-2023-21744 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21745 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing | Important |
CVE-2023-21746 | Windows NTLM Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21747 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21748 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21749 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21750 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21752 | Windows Backup Service Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21753 | Event Tracing for Windows Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21754 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21755 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21757 | Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21758 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Denial of Service | Important |
CVE-2023-21759 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | Security Feature Bypass | Important |
CVE-2023-21760 | Windows Print Spooler Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21761 | Microsoft Exchange Server Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21762 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing | Important |
CVE-2023-21763 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21764 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21765 | Windows Print Spooler Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21766 | Windows Overlay Filter Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21767 | Windows Overlay Filter Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21768 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21771 | Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21772 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21773 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21774 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
CVE-2023-21776 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | Important |
CVE-2023-21779 | Visual Studio Code Remote Code Execution | Remote Code Execution | Important |
CVE-2023-21780 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21781 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21782 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21783 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21784 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21785 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21786 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21787 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21788 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21789 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21790 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21791 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21792 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
CVE-2023-21793 | 3D Builder Remote Code Execution Vulnerability | Remote Code Execution | Important |
source https://www.rootshellsecurity.net/patch-tuesday-review-february-2023/