Security News > 2023 > February > Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws
Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws.
This month's Patch Tuesday fixes three actively exploited zero-day vulnerabilities used in attacks.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The third actively exploited vulnerability allows an "Attacker who successfully exploited this vulnerability could gain SYSTEM privileges."
BleepingComputer has contacted Microsoft to learn more about how the CVE-2023-21715 and CVE-2023-23376 vulnerabilities were exploited in attacks.
Below is the complete list of resolved vulnerabilities and released advisories in the February 2023 Patch Tuesday updates.
News URL
Related news
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- March 2024 Patch Tuesday forecast: A popular framework updated (source)
- Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast (source)
- Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability (source)
- March Patch Tuesday sees Hyper-V join the guest-host escape club (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-14 | CVE-2023-23376 | Unspecified vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| 2023-02-14 | CVE-2023-21715 | Incorrect Authorization vulnerability in Microsoft 365 Apps Microsoft Publisher Security Features Bypass Vulnerability | 5.0 |