Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild.
The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month.
Of the 75 vulnerabilities, 9 are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs are classified as remote code execution (RCE) flaws. The three zero-days of note that have been exploited are as follows:
- CVE-2023-21715 (CVSS score: 7.3) – Microsoft Office Security Feature Bypass Vulnerability
- CVE-2023-21823 (CVSS score: 7.8) – Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2023-23376 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability
“The attack itself is carried out locally by a user with authentication to the targeted system,” Microsoft said in an advisory for CVE-2023-21715.
“An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.”
Successful exploitation of the above flaws could enable an adversary to bypass Office macro policies used to block untrusted or malicious files or gain SYSTEM privileges.
CVE-2023-23376 is also the third actively exploited zero-day flaw in the CLFS component after CVE-2022-24521 and CVE-2022-37969 (CVSS scores: 7.8), which were addressed by Microsoft in April and September 2022.
“The Windows Common Log File System Driver is a part of the Windows operating system that manages and maintains a high-performance, transaction-based log file system,” Immersive Labs’ Nikolas Cemerikic said.
“It’s a vital part of the Windows operating system, and any vulnerabilities in this driver could have significant implications for the security and reliability of the system.”
It's worth noting that Microsoft OneNote for Android is vulnerable to CVE-2023-21823, and with the note-taking service increasingly emerging as a conduit for delivering malware, it's crucial that users apply the fixes.
Also addressed by Microsoft are multiple RCE defects in Exchange Server, ODBC Driver, PostScript Printer Driver, and SQL Server, as well as denial-of-service (DoS) issues impacting Windows iSCSI Service and Windows Secure Channel.
Three of the Exchange Server flaws are classified by the company as “Exploitation More Likely,” although successful exploitation requires the attacker to be already authenticated.
Exchange servers have proven to be high-value targets in recent years as they can enable unauthorized access to sensitive information, or facilitate Business Email Compromise (BEC) attacks.
Software Patches from Other Vendors
Besides Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including: