Picture: katleho Seisa/Getty Photographs
Microsoft’s February Patch Tuesday brings fixes for 75 flaws, and amongst them are fixes for 3 vulnerabilities for which exploits exist already.
The three zero days have an effect on Microsoft Writer, the Home windows Frequent Log File System Driver, and the Home windows Graphics Part.
Additionally: Microsoft: We’re monitoring these 100 lively ransomware gangs utilizing 50 forms of malware
The Microsoft Writer flaw, CVE-2023-21715, is a safety function bypass vulnerability with an “vital” severity score from Microsoft. An attacker may bypass Workplace macro insurance policies used to dam untrusted or malicious recordsdata. Usually, Workplace alerts customers {that a} file is untrusted earlier than permitting it to run.
The attacker may trick a goal into opening a specifically crafted file from a web site. Nevertheless, Microsoft notes the “assault itself is carried out domestically by a person with authentication to the focused system.” This impacts Writer delivered with Microsoft 365 Apps for Enterprise. The problem was reported by Hidetake Jo from Microsoft.
The Home windows Frequent Log File System Driver is affected by an elevation of privilege vulnerability, CVE-2023-23376. Microsoft charges it as “vital” and notes the bug may give an attacker System-level privileges. It was reported by Microsoft Menace Intelligence Middle (MSTIC) and Microsoft Safety Response Middle (MSRC).
The Home windows Graphics Part flaw, CVE-2023-21823, is a distant code execution (RCE) vulnerability, however solely has an “vital” score regardless of it being an RCE and the existence of mature exploit code.
Exploitation permits an attacker to achieve System-level privileges. Microsoft would not say how it may be exploited and, whereas the bug impacts Home windows, Microsoft notes that Home windows apps will probably be up to date through the Microsoft Retailer and that OneNote for Android might be up to date through Google Play. The bug was reported by Mandiant researchers Dhanesh Kizhakkinan and Genwei Jiang.
There are fixes for 9 essential bugs this month, all of that are distant code execution flaws, in accordance with the Zero Day Initiative’s tally. These have an effect on .NET and Visible Studio, Microsoft Protected Extensible Authentication Protocol, Microsoft SQL ODBC Driver, Microsoft Phrase, and the Home windows iSCSI Discovery Service. There are 66 medium-severity flaws and one medium-severity flaw that affected a number of Wi-Fi units with a repair now being built-in into Microsoft merchandise.
Safety agency Rapid7 notes that Microsoft has now began to incorporate in its Patch Tuesday disclosures about flaws affecting CBL-Mariner, Microsoft’s personal Linux OS distribution for Azure. Mariner is utilized by Microsoft internally and is in manufacturing with Xbox, Playful, Minecraft, and over 100 Azure providers, together with Azure Kubernetes Service.
Microsoft in January introduced it was sharing CBL-Mariner CVEs within the Safety Replace Information.
Admins nonetheless working Home windows 8.1 ought to take be aware additionally of this Patch Tuesday because it was the primary one because the finish of the Home windows 8.1 Prolonged Safety Updates program.
Additionally: Cybersecurity employees are struggling. This is learn how to assist them higher
“Admins accountable for Home windows Server 2008 cases ought to be aware that ESU for Home windows Server 2008 is now solely obtainable for cases hosted in Azure or on-premises cases hosted through Azure Stack. Cases of Home windows Server 2008 hosted in a non-Azure context will not obtain safety updates, so will ceaselessly stay weak to any new vulnerabilities, together with the 2 zero-days coated above,” famous Rapid7’s Adam Barnett.