The April 2023 Patchday release contains fixes for 97 CVEs (Common Vulnerabilities and Exposures) - seven rated critical and 90 rated important. One of the 97 CVEs has already been misused as a zero day in the wild.
“CVE-2023-28252 is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS). It has been exploited by criminals and is the second zero-day use of CLFS privileges this year - and the fourth in the last two years. It is also the second CLFS zero-day vulnerability disclosed by researchers from Mandiant and DBAPPSecurity (CVE-2022-37969), although it is unclear whether these two discoveries are related to the same attacker. Over the past two years, attackers seemed to have had success attacking CLFS to escalate privileges and easily steal data as part of post-compromise activities.
Windows Common Log File System
While CVE-2023-28252 was the only vulnerability exploited in the wild, out of the 97 CVEs patched this month, Microsoft rated almost 90% of the vulnerabilities as less likely to be exploited, while only 9,3% of vulnerabilities were rated "More likely to be exploited." (Satnam Narang, Senior Staff Research Engineer at Tenable)
More at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.