
Microsoft Releases February 2023 Security Updates

Feb 16, 2023 GMT+08:00

I. Overview

Microsoft has released its February 2023 Security Updates. A total of 76 security vulnerabilities have been disclosed, among which 9 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to perform remote code execution, escalate privileges, and leak sensitive information. The affected applications include Microsoft Windows, Microsoft Office, Microsoft SQL Server and Visual Studio.

For details, visit the Microsoft official website:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-Fe

The following vulnerabilities have been exploited by attackers:

Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2023-23376): 0-day vulnerability. An attacker who successfully exploits this vulnerability could gain SYSTEM privileges. This vulnerability has been exploited in the wild, and the risk is high.

Microsoft Publisher Security Features Bypass Vulnerability (CVE-2023-21715): 0-day vulnerability. An authenticated attacker can exploit this vulnerability by inducing users to download and open specially crafted files from a website, which allows the attacker to bypass the security feature check. This vulnerability has been exploited in the wild, and the risk is high.

Windows Graphics Component Remote Code Execution Vulnerability (CVE-2023-21823): 0-day vulnerability. An attacker who successfully exploits this vulnerability could gain SYSTEM privileges. This vulnerability has been exploited in the wild, and the risk is high.

11 vulnerabilities (such as CVE-2023-21692, CVE-2023-21690, and CVE-2023-21689) are marked as Exploitation More Likely. For details, see the official announcement. Perform security self-checks and security hardening in a timely manner to reduce attack risks.

II. Severity

Severity: important

(Severity levels: low, moderate, important, and critical)

III. Affected Products

Microsoft Windows, Microsoft Office, Microsoft SQL Server, Visual Studio, and other products.

IV. Vulnerability Details

| CVE ID | Vulnerability | Severity | Description |
|---|---|---|---|
| CVE-2023-21692, CVE-2023-21690, CVE-2023-21689 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Important | An unauthenticated attacker can send specially crafted PEAP packets to attack the target server, causing arbitrary code execution on the target server. |
| CVE-2023-21815, CVE-2023-23381 | Visual Studio Remote Code Execution Vulnerability | Important | Attackers can exploit this vulnerability to bypass identity authentication and execute arbitrary code. |
| CVE-2023-21718 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | Important | Attackers exploit this vulnerability by inducing unauthenticated users to connect to a malicious SQL Server database through ODBC. This may cause the database to return malicious data, resulting in arbitrary code execution on the target client. |
| CVE-2023-21716 | Microsoft Word Remote Code Execution Vulnerability | Important | An unauthenticated attacker can exploit the vulnerability by sending malicious emails containing RTF payloads and inducing users to open the emails. Successful exploitation of this vulnerability can cause arbitrary code execution on the target system. |
| CVE-2023-21808 | .NET and Visual Studio Remote Code Execution Vulnerability | Important | Attackers can exploit this vulnerability to bypass identity authentication and execute arbitrary code. |
| CVE-2023-21803 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability | Important | Attackers can exploit this vulnerability by sending specially crafted DHCP Discovery requests to the iSCSI Discovery service on a 32-bit computer. Successful exploitation could lead to arbitrary remote code execution on the target server. |

(Note: Only the important vulnerabilities are listed above. For more information, refer to the official Microsoft website.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.