Microsoft April 2023 Patch Tuesday Addresses 97 Vulnerabilities, Including a Zero-Day!


Microsoft has finally released the April 2023 Patch Tuesday security updates, addressing a total of 97 vulnerabilities. Seven are classified as Critical because they allow remote code execution, the most severe type of vulnerability, and 90 are classified as Important. This was uncovered by using vulnerability management software. The products covered in the April security update include Windows CLFS driver, Microsoft Message Queuing, Windows DHCP Server, Windows Layer 2 Tunneling Protocol, .NET Core, Azure Machine Learning, Azure Service Connector, Microsoft Bluetooth Driver, Microsoft Defender for Endpoint, Microsoft Dynamics, and more.

April’s Patch Tuesday fixes one zero-day vulnerability (CVE-2023-28252) that is known to be exploited in Nokoyawa ransomware attacks. Simplify patch deployment with good patch management software.

 


Zero-Day Vulnerabilities Addressed by Microsoft’s April 2023 Patch Tuesday

CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
This vulnerability has a CVSSv3.1 score of 7.8 out of 10. It allows remote attackers to execute commands with the highest level of privileges, called SYSTEM privileges, on a Windows system. If exploited, this can give the attacker complete control over the targeted system.


 


Critical Vulnerabilities Addressed by Patch Tuesday

Microsoft’s April 2023 Patch Tuesday addresses seven security vulnerabilities categorized as “Critical”. These vulnerabilities pose a significant threat to the security of affected devices. If exploited, they could allow remote code execution, enabling attackers to gain control of systems and perform various malicious activities.

| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Microsoft Message Queuing | CVE-2023-21554 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical |
| Windows DHCP Server | CVE-2023-28231 | DHCP Server Service Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-28219 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Layer 2 Tunneling Protocol | CVE-2023-28220 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows PGM | CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2023-28232 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Raw Image Extension | CVE-2023-28291 | Raw Image Extension Remote Code Execution Vulnerability | Critical |


Microsoft Security Bulletin Summary for April 2023

    • .NET Core

    • Azure Machine Learning

    • Azure Service Connector

    • Microsoft Bluetooth Driver

    • Microsoft Defender for Endpoint

    • Microsoft Dynamics

    • Microsoft Dynamics 365 Customer Voice

    • Microsoft Edge (Chromium-based)

    • Microsoft Graphics Component

    • Microsoft Message Queuing

    • Microsoft Office

    • Microsoft Office Publisher

    • Microsoft Office SharePoint

    • Microsoft Office Word

    • Microsoft PostScript Printer Driver

    • Microsoft Printer Drivers

    • Microsoft WDAC OLE DB provider for SQL

    • Microsoft Windows DNS

    • Visual Studio

    • Visual Studio Code

    • Windows Active Directory

    • Windows ALPC

    • Windows Ancillary Function Driver for Winsock

    • Windows Boot Manager

    • Windows Clip Service

    • Windows CNG Key Isolation Service

    • Windows Common Log File System Driver

    • Windows DHCP Server

    • Windows Enroll Engine

    • Windows Error Reporting

    • Windows Group Policy

    • Windows Internet Key Exchange (IKE) Protocol

    • Windows Kerberos

    • Windows Kernel

    • Windows Layer 2 Tunneling Protocol


Product: Microsoft Windows

CVEs/Advisory: CVE-2023-21554, CVE-2023-21727, CVE-2023-21729, CVE-2023-21769, CVE-2023-24883, CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24912, CVE-2023-24914, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-24931, CVE-2023-28216, CVE-2023-28217, CVE-2023-28218, CVE-2023-28219, CVE-2023-28220, CVE-2023-28221, CVE-2023-28222, CVE-2023-28223, CVE-2023-28224, CVE-2023-28225, CVE-2023-28226, CVE-2023-28227, CVE-2023-28228, CVE-2023-28229, CVE-2023-28231, CVE-2023-28232, CVE-2023-28233, CVE-2023-28234, CVE-2023-28235, CVE-2023-28236, CVE-2023-28237, CVE-2023-28238, CVE-2023-28240, CVE-2023-28241, CVE-2023-28243, CVE-2023-28244, CVE-2023-28246, CVE-2023-28247, CVE-2023-28248, CVE-2023-28249, CVE-2023-28250, CVE-2023-28252, CVE-2023-28253, CVE-2023-28254, CVE-2023-28255, CVE-2023-28256, CVE-2023-28266, CVE-2023-28267, CVE-2023-28268, CVE-2023-28269, CVE-2023-28270, CVE-2023-28271, CVE-2023-28272, CVE-2023-28273, CVE-2023-28274, CVE-2023-28275, CVE-2023-28276, CVE-2023-28277, CVE-2023-28278, CVE-2023-28291, CVE-2023-28292, CVE-2023-28293, CVE-2023-28297, CVE-2023-28298, CVE-2023-28302, CVE-2023-28305, CVE-2023-28306, CVE-2023-28307, CVE-2023-28308

Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing

KBs: 5022282, 5022286, 5022287, 5022289, 5022291, 5022297, 5022303, 5022343, 5022346, 5022348, 5022352, 5025221, 5025224, 5025228, 5025229, 5025230, 5025234, 5025239, 5025272, 5025285, 5025287, 5025288


 

Product: Microsoft Dynamics
CVEs/Advisory: CVE-2023-28313, CVE-2023-28314, CVE-2023-28309
Impact: Spoofing
KBs: 5023894


Product: Visual Studio
CVEs/Advisory: CVE-2023-28260, CVE-2023-28262, CVE-2023-28263, CVE-2023-28296, CVE-2023-28299
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing


 

Product: Microsoft Office
CVEs/Advisory: CVE-2023-28285, CVE-2023-28287, CVE-2023-28288, CVE-2023-28295, CVE-2023-28311
Impact: Remote Code Execution, Spoofing
KBs: 5002213, 5002221, 5002373, 5002375, 5002381, 5002383, 5002385

In conclusion, these were the highlights of Microsoft’s April 2023 Patch Tuesday.

 


Use SanerNow VM and SanerNow PM to detect and automatically fix these vulnerabilities by applying security updates, and keep your systems updated and secure.