Microsoft fixes three zero-days in its 75-flaw February Patch Tuesday

Feb 15, 2023 Hi-network.com

Microsoft's February Patch Tuesday brings fixes for 75 flaws, and among them are fixes for three vulnerabilities for which exploits already exist.

The three zero-days affect Microsoft Publisher, the Windows Common Log File System Driver, and the Windows Graphics Component.

The Microsoft Publisher flaw, CVE-2023-21715, is a security feature bypass vulnerability with an "important" severity rating from Microsoft. An attacker could bypass Office macro policies used to block untrusted or malicious files. Normally, Office alerts users that a file is untrusted before allowing it to run.

The attacker could trick a target into opening a specially crafted file from a website. However, Microsoft notes the "attack itself is carried out locally by a user with authentication to the targeted system." This affects Publisher delivered with Microsoft 365 Apps for Enterprise. The issue was reported by Hidetake Jo from Microsoft. 

The Windows Common Log File System Driver is affected by an elevation of privilege vulnerability, CVE-2023-23376. Microsoft rates it as "important" and notes the bug can give an attacker System-level privileges. It was reported by Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC). 

The Windows Graphics Component flaw, CVE-2023-21823, is a remote code execution (RCE) vulnerability, but it has only an "important" rating despite being an RCE and despite the existence of mature exploit code.

Exploitation allows an attacker to gain System-level privileges. Microsoft doesn't say how it can be exploited and, while the bug affects Windows, Microsoft notes that Windows apps will be updated via the Microsoft Store and that OneNote for Android can be updated via Google Play. The bug was reported by Mandiant researchers Dhanesh Kizhakkinan and Genwei Jiang. 

There are fixes for nine critical bugs this month, all of which are remote code execution flaws, according to the Zero Day Initiative's tally. These affect .NET and Visual Studio, Microsoft Protected Extensible Authentication Protocol, Microsoft SQL ODBC Driver, Microsoft Word, and the Windows iSCSI Discovery Service. There are 66 medium-severity flaws and one medium-severity flaw that affected several Wi-Fi devices with a fix now being integrated into Microsoft products. 

Security firm Rapid7 notes that Microsoft has now started to include flaws affecting CBL-Mariner, Microsoft's own Linux OS distribution for Azure, in its Patch Tuesday disclosures. Mariner is used by Microsoft internally and is in production with Xbox, PlayFab, Minecraft, and over 100 Azure services, including Azure Kubernetes Service.

Microsoft in January announced it was sharing CBL-Mariner CVEs in the Security Update Guide.  

Admins still running Windows 8.1 should also take note of this Patch Tuesday, as it was the first one since the end of the Windows 8.1 Extended Security Updates program.

"Admins responsible for Windows Server 2008 instances should note that ESU for Windows Server 2008 is now only available for instances hosted in Azure or on-premises instances hosted via Azure Stack. Instances of Windows Server 2008 hosted in a non-Azure context will no longer receive security updates, so will forever remain vulnerable to any new vulnerabilities, including the two zero-days covered above," noted Rapid7's Adam Barnett.
