May 20, 2024

Microsoft fixes three zero-days in February update

4 min read



Microsoft has issued fixes for a overall of 75 freshly discovered typical vulnerabilities and exposures (CVEs) in its February 2023 Patch Tuesday update, such as 3 zero-day vulnerabilities that, although they have not previously been created community, need to be prioritised for patching.

The 3 zero-times have all been selected of essential severity, and have CVS scores of 7.3, 7.8 and 7.8 respectively. They are all acknowledged to be exploited in the wild.

They are tracked as follows:

  • CVE-2023-21715, a stability characteristic bypass vulnerability in Microsoft Publisher which could permit an attacker bypass Business office macro defences utilizing a specially crafted doc to run code that would if not be blocked. However, this can only be accomplished by a neighborhood, authenticated consumer, and it impacts only Publisher installations that are element of the wider Microsoft 365 Applications for Organization offer.
  • CVE-2023-21823, a joint elevation of privilege (EoP) and distant code execution (RCE) vulnerability in Windows Graphics Part, which enables an attacker to achieve process-degree privileges. It has an effect on Home windows 10 and Server 2008 and later on editions, as very well as Microsoft Office environment for iOS, Android and Universal – in these three latter cases, it can lead to RCE, hence its dual mother nature.
  • And CVE-2023-23376, an additional EoP vulnerability in Windows Frequent Log File Method Driver that all over again permits local privilege escalation to system-amount. There does not show up to be any experienced exploit code that Microsoft is mindful of, on the other hand it does warrant a swift fix since it has an effect on the huge majority of Home windows hosts.

Chris Goettl, vice-president of stability solutions at Ivanti, mentioned the actuality that the exploited vulnerabilities were being all rated as remaining of decrease severity than lots of of the other squashed bugs need to be a beneficial lesson for safety groups as they go about shoring up their defences.

“Organisations are urged to increase their prioritisation over and above just vendor severity and CVSS score alone,” claimed Goettl, “as numerous exploited vulnerabilities will be considerably less than Essential or CVSS 8.. This emphasises the urgent want to utilise risk-primarily based prioritisation techniques in your vulnerability management programme.”  

Important bugs

The complete drop also tackle nine critical CVEs, all foremost to remote code execution, and their CVSS scores selection from 7.8 to 9.8. These are:

Functioning the rule around the outlined essential bugs, Dustin Childs of Trend Micro’s Zero Working day Initiative programme, reported that the PEAP vulnerabilities may possibly confirm fewer impactful as the protocol is currently being applied less and much less, but that of somewhat extra issue is the iSCSI Discovery Service challenge.

“Datacentres with storage spot networks (SANs) really should definitely check out with their distributors to see if their SAN is impacted by the RCE vulnerability,” wrote Childs.

He said the SQL ODBC driver vulnerability, which he assessed may have a “somewhat unlikely” exploit chain involved with it, but which still warrants notice to make certain stability teams get the right deal with for the ideal edition of SQL Server. Finally, he stated, the a few patches covering .Web and Visible Studio appeared at encounter worth to be straightforward “open-and-own” bugs, but specifics are skinny on the ground.

Childs also famous that the whole February update is a little abnormal in that completely fifty percent of the bugs patched are RCE vulnerabilities.

Adam Barnett, direct program engineer at Quick7, observed that pursuing the finish of assistance for Home windows 8.1 – the January 2023 update was the previous to cover it – security teams even now running it should be on their guard transferring ahead.

“This is the initially Patch Tuesday right after the finish of Prolonged Security Updates (ESU) for Home windows 8.1. Admins dependable for Home windows Server 2008 cases need to take note that ESU for Windows Server 2008 is now only accessible for scenarios hosted in Azure or on-premises cases hosted by using Azure Stack,” he said.

“Instances of Home windows Server 2008 hosted in a non-Azure context will no more time obtain protection updates, so will without end remain susceptible to any new vulnerabilities, such as the two zero-times included over.”


Supply link Microsoft Corporation announced on Tuesday that their February security update resolves a total of three zero-days.

The company recently released a set of security updates for Microsoft Windows, other company products and third-party software. Among the patch group is an advisory kit (ADV200002 and ADV200001) which addresses a total of three zero-days.

Zero-day vulnerabilities are very serious and exploitable software bugs. They allow attackers to remotely exploit a system or application with the intention of gaining access to confidential data or control of the system or application.

The two advisories focus on vulnerabilities with Microsoft Windows, including CVE-2020-0601, which is a critical Remote Code Execution (RCE) vulnerability in the Windows Cryptographic library. The two advisories also focus on two Remote Code Execution (RCE) Elevation of Privilege (EoP) vulnerabilities in Microsoft Windows, identified as CVE-2020-0674 and CVE-2020-0681.

All three vulnerabilities have been addressed in the February security updates, which can be applied to any system running Windows 10, Windows 7 Service Pack 1, or Windows Server 2016, 2019 and 2020. Microsoft has also released an additional patch set (FU62) designed to address issues associated with the security updates applied to Windows 8 and 7 systems.

Microsoft recommends that users apply the security updates as soon as possible in order to address the discovered vulnerabilities. They have also warned users to be more cautious of emails and other suspicious communications, as well as to regularly back up their data.

It is encouraging to see Microsoft taking swift action to address these critical zero-day vulnerabilities. Ensuring the security and stability of Windows users should be their top priority and it’s reassuring to know that their security team is continuously monitoring the system for potential risks.