Microsoft April 2023 Patch Tuesday Addresses 97 Vulnerabilities, Including a Zero-Day!

Microsoft has released the April 2023 Patch Tuesday security updates, addressing 97 vulnerabilities. Seven are classified as critical because they allow remote code execution, the most severe type of vulnerability, and 90 are classified as important. The products covered in the April security update include Windows CLFS driver, Microsoft Message Queuing, Windows DHCP Server, Windows Layer 2 Tunneling Protocol, .NET Core, Azure Machine Learning, Azure Service Connector, Microsoft Bluetooth Driver, Microsoft Defender for Endpoint, Microsoft Dynamics, and more.

This month’s Patch Tuesday fixes one zero-day vulnerability, CVE-2023-28252, that is known to be exploited in Nokoyawa ransomware attacks.


Zero-Day Vulnerabilities

CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
This vulnerability has a CVSSv3.1 score of 7.8 out of 10. It allows remote attackers to execute commands with the highest level of privileges, called SYSTEM privileges, on a Windows system. If exploited, this can give the attacker complete control over the targeted system.


Critical Vulnerabilities

This Patch Tuesday addresses seven security vulnerabilities categorized as “Critical”. These vulnerabilities can pose a significant threat to the security of the affected devices. If exploited, they could allow remote code execution, enabling attackers to gain control of systems and perform various malicious activities.

| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Microsoft Message Queuing | CVE-2023-21554 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical |
| Windows DHCP Server | CVE-2023-28231 | DHCP Server Service Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-28219 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-28220 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows PGM | CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2023-28232 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Raw Image Extension | CVE-2023-28291 | Raw Image Extension Remote Code Execution Vulnerability | Critical |


Microsoft Security Bulletin Summary for April 2023

    • .NET Core

    • Azure Machine Learning

    • Azure Service Connector

    • Microsoft Bluetooth Driver

    • Microsoft Defender for Endpoint

    • Microsoft Dynamics

    • Microsoft Dynamics 365 Customer Voice

    • Microsoft Edge (Chromium-based)

    • Microsoft Graphics Component

    • Microsoft Message Queuing

    • Microsoft Office

    • Microsoft Office Publisher

    • Microsoft Office SharePoint

    • Microsoft Office Word

    • Microsoft PostScript Printer Driver

    • Microsoft Printer Drivers

    • Microsoft WDAC OLE DB provider for SQL

    • Microsoft Windows DNS

    • Visual Studio

    • Visual Studio Code

    • Windows Active Directory

    • Windows ALPC

    • Windows Ancillary Function Driver for Winsock

    • Windows Boot Manager

    • Windows Clip Service

    • Windows CNG Key Isolation Service

    • Windows Common Log File System Driver

    • Windows DHCP Server

    • Windows Enroll Engine

    • Windows Error Reporting

    • Windows Group Policy

    • Windows Internet Key Exchange (IKE) Protocol

    • Windows Kerberos

    • Windows Kernel

    • Windows Layer 2 Tunneling Protocol


Product: Microsoft Windows

CVEs/Advisory: CVE-2023-21554, CVE-2023-21727, CVE-2023-21729, CVE-2023-21769, CVE-2023-24883, CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24912, CVE-2023-24914, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-24931, CVE-2023-28216, CVE-2023-28217, CVE-2023-28218, CVE-2023-28219, CVE-2023-28220, CVE-2023-28221, CVE-2023-28222, CVE-2023-28223, CVE-2023-28224, CVE-2023-28225, CVE-2023-28226, CVE-2023-28227, CVE-2023-28228, CVE-2023-28229, CVE-2023-28231, CVE-2023-28232, CVE-2023-28233, CVE-2023-28234, CVE-2023-28235, CVE-2023-28236, CVE-2023-28237, CVE-2023-28238, CVE-2023-28240, CVE-2023-28241, CVE-2023-28243, CVE-2023-28244, CVE-2023-28246, CVE-2023-28247, CVE-2023-28248, CVE-2023-28249, CVE-2023-28250, CVE-2023-28252, CVE-2023-28253, CVE-2023-28254, CVE-2023-28255, CVE-2023-28256, CVE-2023-28266, CVE-2023-28267, CVE-2023-28268, CVE-2023-28269, CVE-2023-28270, CVE-2023-28271, CVE-2023-28272, CVE-2023-28273, CVE-2023-28274, CVE-2023-28275, CVE-2023-28276, CVE-2023-28277, CVE-2023-28278, CVE-2023-28291, CVE-2023-28292, CVE-2023-28293, CVE-2023-28297, CVE-2023-28298, CVE-2023-28302, CVE-2023-28305, CVE-2023-28306, CVE-2023-28307, CVE-2023-28308

Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing

KBs: 5022282, 5022286, 5022287, 5022289, 5022291, 5022297, 5022303, 5022343, 5022346, 5022348, 5022352, 5025221, 5025224, 5025228, 5025229, 5025230, 5025234, 5025239, 5025272, 5025285, 5025287, 5025288


Product: Microsoft Dynamics
CVEs/Advisory: CVE-2023-28313, CVE-2023-28314, CVE-2023-28309
Impact: Spoofing
KBs: 5023894


Product: Visual Studio
CVEs/Advisory: CVE-2023-28260, CVE-2023-28262, CVE-2023-28263, CVE-2023-28296, CVE-2023-28299
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing


Product: Microsoft Office
CVEs/Advisory: CVE-2023-28285, CVE-2023-28287, CVE-2023-28288, CVE-2023-28295, CVE-2023-28311
Impact: Remote Code Execution, Spoofing
KBs: 5002213, 5002221, 5002373, 5002375, 5002381, 5002383, 5002385


SanerNow VM and SanerNow PM detect and automatically fix these vulnerabilities by applying security updates. Use SanerNow and keep your systems updated and secure.