Patch Tuesday Review – April 2023

Patch Tuesday Image blog

Welcome to our summary of the April 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use in your vulnerability management program.

Prism users have already benefited from the platform’s Active Exploit Detection, which automatically alerts you to active exploits affecting issues within your estate.

Microsoft Patch Tuesday April 2023

Microsoft’s April 2023 Patch Tuesday announces fixes for 97 issues, including a fix for a zero day vulnerability.

7 of the 97 vulnerabilities are Critical as they allow remote code execution.

This update contains 20 Elevation of Privilege Vulnerabilities, 8 Security Feature Bypass Vulnerabilities, 45 Remote Code Execution Vulnerabilities, 10 Information Disclosure Vulnerabilities, 9 Denial of Service Vulnerabilities, and 6 Spoofing Vulnerabilities.

One Zero-Day Vulnerability Fixed

The zero-day vulnerability fixed in April’s Patch Tuesday update is:

  • CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Generated by wpDataTables


source https://www.rootshellsecurity.net/patch-tuesday-review-april-2023/

Comments