Patches for 75 vulnerabilities

B2B Cyber ​​Security ShortNews

Share post

The February 2023 Patchday release contains patches for 75 CVEs - nine rated critical and 66 rated important. Also included: Elevation of rights error in Windows, circumvention of security functions in Microsoft Office or security gaps in Microsoft Exchange Server.

This month Microsoft fixed three zero-day vulnerabilities exploited by attackers in the wild, including two elevation of privilege bugs and one security feature bypass bug.



Microsoft has patched CVE-2023-23376, an elevation of privilege bug in the Common Log File System (CLFS) driver. Its discovery is credited to researchers at the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC), although details of its exploitation in the wild have not yet been released. Interestingly, Microsoft patched two similar bugs in the CLFS driver in 2022. CVE-2022-37969 was patched as part of the April 2022 patchday release and is credited to researchers at NSA and CrowdStrike, while CVE-2022-37969 was patched as part of the September 2022 patchday and is credited to multiple research institutions.


CVE-2023-21823 is an additional elevation of privilege flaw, this time in the Microsoft Windows graphics component, that has been exploited in the wild. The ability to elevate privileges once on a target system is important for attackers who want to cause more damage. These vulnerabilities are useful in a variety of contexts, whether an attacker is launching an attack by exploiting known vulnerabilities or through spear phishing and malware payloads, which is why we often see privilege elevation vulnerabilities routinely appearing in Patchday releases that are found in the wild be exploited. Client researchers have been credited with discovering this bug.



CVE-2023-21715 is a security feature bypass in Microsoft Office. This vulnerability was also exploited in the wild. A local, authenticated attacker could exploit this vulnerability by using social engineering techniques to convince a would-be victim to run a specially crafted file on their system, which would result in bypassing Microsoft Office security features typically used by the would block execution of macros. Its discovery is credited to Hidetake Jo, a researcher at Microsoft.

Microsoft Exchange Server

Microsoft has also patched three vulnerabilities in Microsoft Exchange Server (CVE-2023-21706, CVE-2023-21707, CVE-2023-21529) that are classified as more likely to be exploited. In recent years, Microsoft Exchange Servers around the world have been hit by multiple vulnerabilities ranging from ProxyLogon to ProxyShell and more recently ProxyNotShell, OWASSRF and TabShell. These vulnerabilities have become valuable assets for state-sponsored cybercriminals from Iran, Russia, and the People's Republic of China to run ransomware groups and their affiliates in devastating ransomware attacks. We strongly encourage organizations that rely on Microsoft Exchange Server to ensure they have the latest cumulative updates for Exchange Server applied."

More at


About Tenable

Tenable is a Cyber ​​Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.


Matching articles on the topic

Bitmarck & health insurance companies: There are still failures

More than 2 months ago, the IT provider for dozens of health insurance companies and company health insurance companies, Bitmarck, was hit by a cyber attack. Even whole had to ➡ Read more

AOK: Software vulnerability - BSI confirms data leak

The AOK and many of their nationwide offices use the software product MOVEit Transfer. There is now the dangerous vulnerability CVE-2023-34362, ➡ Read more

China malware: Volt Typhoon targets critical US infrastructure

Microsoft investigated the Volt Typhoon malware and determined that it was created by a state-sponsored actor based in China ➡ Read more

COSMICENERGY: OT malware is designed to cause power outages

Mandiant is reporting a new specialized Operational Technology (OT) malware being observed under the name COSMICENERGY. The malware ➡ Read more

Lockbit steals 700 GB of data from MCNA with 9 million customers

MCNA Dental, North America's largest dental insurer, has had to inform all of its nearly 9 million customers at a loss of 700 ➡ Read more

Zero Trust: Advanced User Intelligence

A Zero Trust Data Security company presents its Advanced User Intelligence. The new functions support companies in preventing cyber attacks ➡ Read more

Attacks using Web3 IPFS technology

IPFS is a Web3 technology that decentralizes and distributes the storage of files and other data on a peer-to-peer network. Like any ➡ Read more

Tesla: Employee probably passed on 100 GB of data

According to a report by the Handelsblatt, a former Tesla employee claims to have stolen 100 GB of data and has given it to the editors ➡ Read more