Microsoft’s February 2023 Patch Tuesday Fixes 3 Actively Exploited Flaws

Microsoft’s monthly security update rollout in February patches 77 flaws affecting products in its portfolio, including three actively exploited zero-day vulnerabilities.

Nine of the 77 vulnerabilities are flagged “Critical” in severity, while the remaining 68 are marked as “Important.” Almost half (37 out of 77) were classified as Remote Code Execution (RCE) vulnerabilities.

Researchers spotted three zero-day vulnerabilities being exploited in the wild, namely:

• CVE-2023-21715 (CVSS Score: 7.3) - Microsoft Publisher Security Features Bypass Vulnerability. Attackers authenticated on the target machine could persuade victims to download and run a malicious file so they can bypass Office macro policies.
• CVE 2023 21823 (CVSS Score: 7.8) - Windows Graphics Component Remote Code Execution Vulnerability. Attackers could exploit this vulnerability affecting unpatched products to gain SYSTEM privileges.
• CVE-2023-23376 (CVSS Score: 7.8) - Windows Common Log File System Driver Elevation of Privilege Vulnerability. Attackers could exploit this flaw to gain elevated (SYSTEM) privileges on vulnerable machines.

For CVE 2023 21823, Microsoft decided to push the security update through the Microsoft Store rather than Windows Update. While this is not uncommon, users who disable automatic Microsoft Store updates may be exposed to this vulnerability.

Users who opted out of automatic Microsoft Store updates should either re-enable the feature or follow Microsoft’s guide on manually retrieving updates for apps and games in the Microsoft Store.

To dodge attacks that weaponize these flaws, users should apply the latest security updates immediately. Most systems should install the updates automatically; however, users who disabled automatic updates can also perform manual checks and apply any recommended patches.

Specialized software such as Bitdefender Ultimate Security can help you steer clear of zero-day exploits and other cyberthreats with its comprehensive feature library, including:

• 24/7 all-around protection against Trojans, viruses, worms, zero-day exploits, rootkits, spyware, ransomware and other e-threats
• Vulnerability assessment module that scans your device for any weak spots, including vulnerable software and missing Windows updates, and suggests the best fix
• Network threat prevention technology that detects suspicious network-level activities and blocks them before they do harm
• Advanced threat defense module that closely monitors active apps and takes instant action upon detecting suspicious activity