Microsoft Patch Tuesday – February 2023

Patch Tuesday is once again upon us. The February 2023 edition of Patch Tuesday brings us 76 fixes, with 8 rated as critical. We've listed the most important changes below.

⚡ TL;DR | Go Straight to the February 2023 Patch Tuesday Audit Report

Microsoft Protected Extensible Authentication Protocol (PEAP) Vulnerabilities

The most severe vulnerability fixed this month is a slew of vulnerabilities in the Protected Extensible Authentication Protocol (PEAP). Two of them are rated as critical by Microsoft and have the additional warning that exploitation is "more likely".

Microsoft PEAP is a network authentication protocol used to secure wireless or wired connections. It creates a secure tunnel between the client and server using Transport Layer Security (TLS) encryption to protect the exchange of authentication credentials. The protocol uses a combination of digital certificates and user credentials to establish trust between the client and the authentication server.

CVE NumberVulnerability TypeSeverity
CVE-2023-21701Denial of ServiceImportant
CVE-2023-21695Remote Code ExecutionImportant
CVE-2023-21692Remote Code ExecutionCritical
CVE-2023-21691Information DisclosureImportant
CVE-2023-21690Remote Code ExecutionCritical
CVE-2023-21689Remote Code ExecutionCritical

PEAP is only negotiated with the client if NPS is running on the Windows Server and has a network policy configured that allows PEAP. Since this means it is not a default configuration, you're only at risk if you've got it enabled in your network environment. Unauthenticated attackers can exploit the vulnerabilities by sending specially crafted malicious PEAP packets over the network.

Visual Studio Vulnerabilities

Next up are four Visual Studio vulnerabilities, two of which are rated as critical. The remote code execution vulnerabilities are the most critical ones but also must be initiated from local machines. Both of these have a CVSS 3.0 base score of 8.4. The two leftover vulnerabilities, one Denial of Service and one Elevation of Privilege have lower CVSS scores.

CVE NumberVulnerability TypeSeverity
CVE-2023-23381Remote Code ExecutionCritical
CVE-2023-21815Remote Code ExecutionCritical
CVE-2023-21567Denial of ServiceImportant
CVE-2023-21566Elevation of PrivilegeImportant

4 New Exchange RCE Vulnerabilities

CVE-2023-21710, CVE-2023-21707, CVE-2023-21706, and CVE-2023-21529 were all fixed in the most recent updates. Four new Remote Code Execution vulnerabilities with a CVSS base score between 7.2 - 8.8. While none of them are listed by Microsoft as critical, all of them aside from CVE-2023-21710 do mention that exploitation is more likely.

The more likely to be exploited vulnerabilities, do require the attacker to be authenticated and the attacker could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call

Run the Patch Tuesday February 2023 Audit

To help manage your update progress, we've created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday February 2023 CVE Codes & Titles

CVE NumberCVE Title
CVE-2019-15126Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device
CVE-2023-21528Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21529Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21553Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-21564Azure DevOps Server Cross-Site Scripting Vulnerability
CVE-2023-21566Visual Studio Elevation of Privilege Vulnerability
CVE-2023-21567Visual Studio Denial of Service Vulnerability
CVE-2023-21568Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability
CVE-2023-21570Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21571Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21572Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21573Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21684Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
CVE-2023-21685Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21686Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21687HTTP.sys Information Disclosure Vulnerability
CVE-2023-21688NT OS Kernel Elevation of Privilege Vulnerability
CVE-2023-21689Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21690Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21691Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
CVE-2023-21692Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21693Microsoft PostScript Printer Driver Information Disclosure Vulnerability
CVE-2023-21694Windows Fax Service Remote Code Execution Vulnerability
CVE-2023-21695Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-21697Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21699Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21700Windows iSCSI Discovery Service Denial of Service Vulnerability
CVE-2023-21701Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
CVE-2023-21702Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-21703Azure Data Box Gateway Remote Code Execution Vulnerability
CVE-2023-21704Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-21705Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21706Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21707Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21710Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21713Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2023-21714Microsoft Office Information Disclosure Vulnerability
CVE-2023-21715Microsoft Publisher Security Features Bypass Vulnerability
CVE-2023-21716Microsoft Word Remote Code Execution Vulnerability
CVE-2023-21717Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-21718Microsoft SQL ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21721Microsoft OneNote Spoofing Vulnerability
CVE-2023-21722.NET Framework Denial of Service Vulnerability
CVE-2023-21777Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2023-21778Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability
CVE-2023-21797Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21798Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21799Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21800Windows Installer Elevation of Privilege Vulnerability
CVE-2023-21801Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
CVE-2023-21802Windows Media Remote Code Execution Vulnerability
CVE-2023-21803Windows iSCSI Discovery Service Remote Code Execution Vulnerability
CVE-2023-21804Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-21805Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-21806Power BI Report Server Spoofing Vulnerability
CVE-2023-21807Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-21808.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-21809Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
CVE-2023-21811Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-21812Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-21813Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21815Visual Studio Remote Code Execution Vulnerability
CVE-2023-21816Windows Active Directory Domain Services API Denial of Service Vulnerability
CVE-2023-21817Windows Kerberos Elevation of Privilege Vulnerability
CVE-2023-21818Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21819Windows Secure Channel Denial of Service Vulnerability
CVE-2023-21820Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2023-21822Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-21823Windows Graphics Component Remote Code Execution Vulnerability
CVE-2023-23376Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-233773D Builder Remote Code Execution Vulnerability
CVE-2023-23378Print 3D Remote Code Execution Vulnerability
CVE-2023-23379Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2023-23381Visual Studio Remote Code Execution Vulnerability
CVE-2023-23382Azure Machine Learning Compute Instance Information Disclosure Vulnerability
CVE-2023-233903D Builder Remote Code Execution Vulnerability

Receive the Latest Patch Tuesday Report for FREE Every Month

  • Hidden
  • This field is for validation purposes and should be left unchanged.

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​