Overview: On the second Tuesday of each month, Microsoft rolls out its latest set of security fixes. Microsoft has used the unofficial term “Patch Tuesday” for the past 20 years to describe the security fixes the company releases for Windows and other products.
For April 2023, the company’s update focuses on closing a number of vulnerabilities as well as one significant zero-day vulnerability.
According to Microsoft’s official security bulletin, the April 2023 patch provides updates for many Windows components, including the kernel, Win32K API, .NET Core, Azure cloud platform, Microsoft Office applications, Visual Studio, and Windows Active Directory. All told, the latest Patch Tuesday fixes 97 security vulnerabilities.
Seven of the vulnerabilities are classified at a “critical” risk level because they could be abused for remote execution of potentially malicious code. The Patch Tuesday vulnerabilities are categorized as follows: 20 privilege escalation vulnerabilities, 8 security feature bypass vulnerabilities, 45 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, 9 denial of service vulnerabilities, and 6 spoofing vulnerabilities.
The list doesn’t include the 17 security flaws in Microsoft Edge that were fixed a week ago. Bleeping Computer has published a full report on all bugs and related advisories. In addition to security fixes, on Patch Tuesday Microsoft also rolled out cumulative non-security updates for Windows 11 (KB5025239) and Windows 10 (KB5025221, KB5025229).
The single zero-day vulnerability is tracked as CVE-2023-28252, or “Windows Common Log File System Driver Elevation of Privilege Vulnerability.” An attacker who successfully exploited the vulnerability could gain SYSTEM privileges, meaning they could obtain the highest level of access available on the Windows operating system, Microsoft explained.
According to security researchers, cybercriminals are already trying to exploit the CVE-2023-28252 vulnerability to spread the Nokoyawa ransomware to organizations in the wholesale, energy, manufacturing, and healthcare industries. The flaw is similar to another privilege escalation vulnerability that Microsoft fixed in February, which according to Project Zero researcher Dustin Childs indicates that the initial fix wasn’t sufficient and attackers have found new ways to bypass it.
Microsoft rolls out the latest patches through update management systems such as Windows Update, WSUS, and direct download from the Microsoft Update Catalog website. Other software companies releasing security updates to coincide with this month’s Microsoft Patch Tuesday include Apple, Cisco, Fortinet, Google and SAP.