Microsoft Patch Tuesday – February 2023

Patch Tuesday is once again upon us. The February 2023 edition of Patch Tuesday brings us 76 fixes, with 8 rated as critical. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the February 2023 Patch Tuesday Audit Report

Microsoft Protected Extensible Authentication Protocol (PEAP) Vulnerabilities

The most severe vulnerability fixed this month is a slew of vulnerabilities in the Protected Extensible Authentication Protocol (PEAP). Two of them are rated as critical by Microsoft and have the additional warning that exploitation is „more likely“.

Microsoft PEAP is a network authentication protocol used to secure wireless or wired connections. It creates a secure tunnel between the client and server using Transport Layer Security (TLS) encryption to protect the exchange of authentication credentials. The protocol uses a combination of digital certificates and user credentials to establish trust between the client and the authentication server.

CVE Number	Vulnerability Type	Severity
CVE-2023-21701	Denial of Service	Important
CVE-2023-21695	Remote Code Execution	Important
CVE-2023-21692	Remote Code Execution	Critical
CVE-2023-21691	Information Disclosure	Important
CVE-2023-21690	Remote Code Execution	Critical
CVE-2023-21689	Remote Code Execution	Critical

PEAP is only negotiated with the client if NPS is running on the Windows Server and has a network policy configured that allows PEAP. Since this means it is not a default configuration, you’re only at risk if you’ve got it enabled in your network environment. Unauthenticated attackers can exploit the vulnerabilities by sending specially crafted malicious PEAP packets over the network.

Visual Studio Vulnerabilities

Next up are four Visual Studio vulnerabilities, two of which are rated as critical. The remote code execution vulnerabilities are the most critical ones but also must be initiated from local machines. Both of these have a CVSS 3.0 base score of 8.4. The two leftover vulnerabilities, one Denial of Service and one Elevation of Privilege have lower CVSS scores.

CVE Number	Vulnerability Type	Severity
CVE-2023-23381	Remote Code Execution	Critical
CVE-2023-21815	Remote Code Execution	Critical
CVE-2023-21567	Denial of Service	Important
CVE-2023-21566	Elevation of Privilege	Important

4 New Exchange RCE Vulnerabilities

CVE-2023-21710, CVE-2023-21707, CVE-2023-21706, and CVE-2023-21529 were all fixed in the most recent updates. Four new Remote Code Execution vulnerabilities with a CVSS base score between 7.2 – 8.8. While none of them are listed by Microsoft as critical, all of them aside from CVE-2023-21710 do mention that exploitation is more likely.

The more likely to be exploited vulnerabilities, do require the attacker to be authenticated and the attacker could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call

Run the Patch Tuesday February 2023 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday February 2023 CVE Codes & Titles

CVE Number	CVE Title
CVE-2019-15126	Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device
CVE-2023-21528	Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21529	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21553	Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-21564	Azure DevOps Server Cross-Site Scripting Vulnerability
CVE-2023-21566	Visual Studio Elevation of Privilege Vulnerability
CVE-2023-21567	Visual Studio Denial of Service Vulnerability
CVE-2023-21568	Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability
CVE-2023-21570	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21571	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21572	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21573	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21684	Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
CVE-2023-21685	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21686	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21687	HTTP.sys Information Disclosure Vulnerability
CVE-2023-21688	NT OS Kernel Elevation of Privilege Vulnerability
CVE-2023-21689	Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21690	Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21691	Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
CVE-2023-21692	Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21693	Microsoft PostScript Printer Driver Information Disclosure Vulnerability
CVE-2023-21694	Windows Fax Service Remote Code Execution Vulnerability
CVE-2023-21695	Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21697	Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21699	Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21700	Windows iSCSI Discovery Service Denial of Service Vulnerability
CVE-2023-21701	Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
CVE-2023-21702	Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-21703	Azure Data Box Gateway Remote Code Execution Vulnerability
CVE-2023-21704	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-21705	Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21706	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21707	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21710	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21713	Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21714	Microsoft Office Information Disclosure Vulnerability
CVE-2023-21715	Microsoft Publisher Security Features Bypass Vulnerability
CVE-2023-21716	Microsoft Word Remote Code Execution Vulnerability
CVE-2023-21717	Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-21718	Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21721	Microsoft OneNote Spoofing Vulnerability
CVE-2023-21722	.NET Framework Denial of Service Vulnerability
CVE-2023-21777	Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2023-21778	Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability
CVE-2023-21797	Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21798	Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21799	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21800	Windows Installer Elevation of Privilege Vulnerability
CVE-2023-21801	Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
CVE-2023-21802	Windows Media Remote Code Execution Vulnerability
CVE-2023-21803	Windows iSCSI Discovery Service Remote Code Execution Vulnerability
CVE-2023-21804	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-21805	Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-21806	Power BI Report Server Spoofing Vulnerability
CVE-2023-21807	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21808	.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-21809	Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
CVE-2023-21811	Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-21812	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-21813	Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21815	Visual Studio Remote Code Execution Vulnerability
CVE-2023-21816	Windows Active Directory Domain Services API Denial of Service Vulnerability
CVE-2023-21817	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2023-21818	Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21819	Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21820	Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2023-21822	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-21823	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2023-23376	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-23377	3D Builder Remote Code Execution Vulnerability
CVE-2023-23378	Print 3D Remote Code Execution Vulnerability
CVE-2023-23379	Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2023-23381	Visual Studio Remote Code Execution Vulnerability
CVE-2023-23382	Azure Machine Learning Compute Instance Information Disclosure Vulnerability
CVE-2023-23390	3D Builder Remote Code Execution Vulnerability