Microsoft April 2023 Patch Tuesday Addresses 97 Vulnerabilities, Including a Zero-Day!


Apr 11, 2023 | By Tanish Mahajan | 4 min read

Microsoft has released the April 2023 Patch Tuesday security updates, addressing a total of 97 vulnerabilities. Seven are classified as critical because they allow remote code execution, the most severe type of vulnerability, and 90 are classified as critical. This was uncovered using vulnerability management software. The products covered in the April security update include Windows CLFS driver, Microsoft Message Queuing, Windows DHCP Server, Windows Layer 2 Tunneling Protocol, .NET Core, Azure Machine Learning, Azure Service Connector, Microsoft Bluetooth Driver, Microsoft Defender for Endpoint, Microsoft Dynamics, and more.

April’s Patch Tuesday fixes one zero-day vulnerability that is known to be exploited in Nokoyawa ransomware attacks (CVE-2023-28252). Simplify patch deployment with good patch management software.

Zero-Day Vulnerabilities Addressed by Microsoft’s April 2023 Patch Tuesday

CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability

This vulnerability has a CVSSv3.1 score of 7.8 out of 10. It allows remote attackers to execute commands with SYSTEM privileges, the highest level of privileges on a Windows system. If exploited, this can give the attacker complete control over the targeted system.

Critical Vulnerabilities Addressed by Patch Tuesday

Microsoft’s April 2023 Patch Tuesday addresses seven security vulnerabilities categorized as “Critical”. These vulnerabilities pose a significant threat to the security of affected devices. If exploited, they could allow remote code execution, enabling attackers to gain control of systems and perform various malicious activities.

Microsoft Security Bulletin Summary for April 2023

    • .NET Core
    • Azure Machine Learning
    • Azure Service Connector
    • Microsoft Bluetooth Driver
    • Microsoft Defender for Endpoint
    • Microsoft Dynamics
    • Microsoft Dynamics 365 Customer Voice
    • Microsoft Edge (Chromium-based)
    • Microsoft Graphics Component
    • Microsoft Message Queuing
    • Microsoft Office
    • Microsoft Office Publisher
    • Microsoft Office SharePoint
    • Microsoft Office Word
    • Microsoft PostScript Printer Driver
    • Microsoft Printer Drivers
    • Microsoft WDAC OLE DB provider for SQL
    • Microsoft Windows DNS
    • Visual Studio
    • Visual Studio Code
    • Windows Active Directory
    • Windows ALPC
    • Windows Ancillary Function Driver for Winsock
    • Windows Boot Manager
    • Windows Clip Service
    • Windows CNG Key Isolation Service
    • Windows Common Log File System Driver
    • Windows DHCP Server
    • Windows Enroll Engine
    • Windows Error Reporting
    • Windows Group Policy
    • Windows Internet Key Exchange (IKE) Protocol
    • Windows Kerberos
    • Windows Kernel
    • Windows Layer 2 Tunneling Protocol

Product: Microsoft Windows

CVEs/Advisory: CVE-2023-21554, CVE-2023-21727, CVE-2023-21729, CVE-2023-21769, CVE-2023-24883, CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24912, CVE-2023-24914, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-24931, CVE-2023-28216, CVE-2023-28217, CVE-2023-28218, CVE-2023-28219, CVE-2023-28220, CVE-2023-28221, CVE-2023-28222, CVE-2023-28223, CVE-2023-28224, CVE-2023-28225, CVE-2023-28226, CVE-2023-28227, CVE-2023-28228, CVE-2023-28229, CVE-2023-28231, CVE-2023-28232, CVE-2023-28233, CVE-2023-28234, CVE-2023-28235, CVE-2023-28236, CVE-2023-28237, CVE-2023-28238, CVE-2023-28240, CVE-2023-28241, CVE-2023-28243, CVE-2023-28244, CVE-2023-28246, CVE-2023-28247, CVE-2023-28248, CVE-2023-28249, CVE-2023-28250, CVE-2023-28252, CVE-2023-28253, CVE-2023-28254, CVE-2023-28255, CVE-2023-28256, CVE-2023-28266, CVE-2023-28267, CVE-2023-28268, CVE-2023-28269, CVE-2023-28270, CVE-2023-28271, CVE-2023-28272, CVE-2023-28273, CVE-2023-28274, CVE-2023-28275, CVE-2023-28276, CVE-2023-28277, CVE-2023-28278, CVE-2023-28291, CVE-2023-28292, CVE-2023-28293, CVE-2023-28297, CVE-2023-28298, CVE-2023-28302, CVE-2023-28305, CVE-2023-28306, CVE-2023-28307, CVE-2023-28308

Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing

KBs: 5022282, 5022286, 5022287, 5022289, 5022291, 5022297, 5022303, 5022343, 5022346, 5022348, 5022352, 5025221, 5025224, 5025228, 5025229, 5025230, 5025234, 5025239, 5025272, 5025285, 5025287, 5025288

Product: Microsoft Dynamics

CVEs/Advisory: CVE-2023-28313, CVE-2023-28314, CVE-2023-28309

Impact: Spoofing

KBs: 5023894

Product: Visual Studio

CVEs/Advisory: CVE-2023-28260, CVE-2023-28262, CVE-2023-28263, CVE-2023-28296, CVE-2023-28299

Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing

Product: Microsoft Office

CVEs/Advisory: CVE-2023-28285, CVE-2023-28287, CVE-2023-28288, CVE-2023-28295, CVE-2023-28311

Impact: Remote Code Execution, Spoofing

KBs: 5002213, 5002221, 5002373, 5002375, 5002381, 5002383, 5002385

In conclusion, these were the highlights of Microsoft’s April 2023 Patch Tuesday.

Use SanerNow VM and SanerNow PM to detect and automatically fix these vulnerabilities by applying security updates, and keep your systems updated and secure.
