Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th.
In-The-Wild & Disclosed CVEs
The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in the Windows Graphics Component that can allow for code execution leading to SYSTEM privileges. Updates are available for all supported versions of Windows as well as Microsoft Office for iOS, Android, and Universal. Microsoft Office for Universal is a version of Microsoft Office available for Windows 10 via the Microsoft App Store. Exploitation of this vulnerability has been detected in-the-wild.
A vulnerability in the click-to-run version of Microsoft Publisher available via Microsoft 365 Apps for Enterprise could allow an attacker to bypass the policies used to block Office macros in untrusted or malicious files. In order to successfully exploit a target, an attacker would need to convince the target to download and open a specially crafted file. Exploitation of this vulnerability has been detected in-the-wild.
A vulnerability in the Common Log File System (CLFS) driver could allow an attacker to gain SYSTEM-level access. All supported versions of Windows are affected, and exploitation of this vulnerability has been detected in-the-wild.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis. Vulnerabilities are also colour-coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
| Tag | CVE Count | CVEs |
| --- | --- | --- |
| Microsoft PostScript Printer Driver | 3 | CVE-2023-21684, CVE-2023-21801, CVE-2023-21693 |
| Azure Machine Learning | 1 | CVE-2023-23382 |
| HoloLens | 1 | CVE-2019-15126 |
| Microsoft Office Word | 1 | CVE-2023-21716 |
| Windows Cryptographic Services | 2 | CVE-2023-21813, CVE-2023-21819 |
| Windows Installer | 1 | CVE-2023-21800 |
| Visual Studio | 4 | CVE-2023-21566, CVE-2023-21567, CVE-2023-21815, CVE-2023-23381 |
| Microsoft Dynamics | 6 | CVE-2023-21778, CVE-2023-21807, CVE-2023-21570, CVE-2023-21571, CVE-2023-21572, CVE-2023-21573 |
| Windows Protected EAP (PEAP) | 6 | CVE-2023-21689, CVE-2023-21690, CVE-2023-21691, CVE-2023-21692, CVE-2023-21695, CVE-2023-21701 |
| Microsoft Defender for IoT | 1 | CVE-2023-23379 |
| Azure App Service | 1 | CVE-2023-21777 |
| Microsoft Office SharePoint | 1 | CVE-2023-21717 |
| Windows SChannel | 1 | CVE-2023-21818 |
| Microsoft Windows Codecs Library | 1 | CVE-2023-21802 |
| SQL Server | 6 | CVE-2023-21528, CVE-2023-21704, CVE-2023-21705, CVE-2023-21718, CVE-2023-21568, CVE-2023-21713 |
| 3D Builder | 3 | CVE-2023-23378, CVE-2023-23377, CVE-2023-23390 |
| Azure Data Box Gateway | 1 | CVE-2023-21703 |
| Microsoft Graphics Component | 2 | CVE-2023-21804, CVE-2023-21823 |
| Microsoft Exchange Server | 4 | CVE-2023-21706, CVE-2023-21707, CVE-2023-21529, CVE-2023-21710 |
| Microsoft Office OneNote | 1 | CVE-2023-21721 |
| Windows ODBC Driver | 2 | CVE-2023-21797, CVE-2023-21798 |
| Windows iSCSI | 4 | CVE-2023-21803, CVE-2023-21811, CVE-2023-21700, CVE-2023-21702 |
| Windows Active Directory | 1 | CVE-2023-21816 |
| Windows MSHTML Platform | 1 | CVE-2023-21805 |
| Power BI | 1 | CVE-2023-21806 |
| Microsoft WDAC OLE DB provider for SQL | 3 | CVE-2023-21799, CVE-2023-21685, CVE-2023-21686 |
| .NET Framework | 1 | CVE-2023-21722 |
| Windows Win32K | 1 | CVE-2023-21822 |
| .NET and Visual Studio | 1 | CVE-2023-21808 |
| Internet Storage Name Service | 2 | CVE-2023-21697, CVE-2023-21699 |
| Mariner | 1 | CVE-2022-43552 |
| Windows Kerberos | 1 | CVE-2023-21817 |
| Windows HTTP.sys | 1 | CVE-2023-21687 |
| Microsoft Office Publisher | 1 | CVE-2023-21715 |
| Microsoft Office | 1 | CVE-2023-21714 |
| Microsoft Defender for Endpoint | 1 | CVE-2023-21809 |
| Microsoft Edge (Chromium-based) | 3 | CVE-2023-21794, CVE-2023-21720, CVE-2023-23374 |
| Windows ALPC | 1 | CVE-2023-21688 |
| Azure DevOps | 2 | CVE-2023-21553, CVE-2023-21564 |
| Windows Fax and Scan Service | 1 | CVE-2023-21694 |
| Windows Common Log File System Driver | 2 | CVE-2023-21812, CVE-2023-23376 |
| Windows Distributed File System (DFS) | 1 | CVE-2023-21820 |
Other Information
At the time of publication, there were no new advisories included with the February Security Guidance.