Security News > 2023 > February > Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws

Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws.
This month's Patch Tuesday fixes three actively exploited zero-day vulnerabilities used in attacks.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The third actively exploited vulnerability allows an "Attacker who successfully exploited this vulnerability could gain SYSTEM privileges."
BleepingComputer has contacted Microsoft to learn more about how the CVE-2023-21715 and CVE-2023-23376 vulnerabilities were exploited in attacks.
Below is the complete list of resolved vulnerabilities and released advisories in the February 2023 Patch Tuesday updates.
News URL
Related news
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-14 | CVE-2023-23376 | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
2023-02-14 | CVE-2023-21715 | Incorrect Authorization vulnerability in Microsoft 365 Apps Microsoft Publisher Security Feature Bypass Vulnerability | 7.3 |