This week marked the scheduled release of monthly security updates from Microsoft. With the April 2023 Patch Tuesday updates, Microsoft addressed 97 security flaws across different products. The most notable fix is a zero-day patch for a privilege escalation vulnerability that remained unexploited despite disclosure.
Microsoft Patch Tuesday April Updates
As elaborated in Microsoft’s advisory, an important-severity privilege escalation flaw affected the Windows Common Log File System (CLFS) Driver. The vulnerability, identified as CVE-2023-28252, could allow an attacker to gain system privileges on the target device.
According to ZDI, fixing a similar vulnerability within two months hints that this is a repatch of the same issue because the previous fix didn’t work. However, Microsoft hasn’t officially confirmed anything in this regard. Whether it’s the same issue or not, the fact remains that the Windows CLFS driver developed a zero-day twice within a short time.
Besides this important update, Microsoft patched 96 other vulnerabilities across different products, including 7 critical-severity vulnerabilities. All of these critical vulnerabilities could lead to remote code execution when exploited.
Alongside these bug fixes, the tech giant patched 89 other important-severity vulnerabilities, fixing security issues in Windows Kernel, Windows DNS Server, Microsoft PostScript and PCL6 Class Printer Driver, and more. The impact of these vulnerabilities, if exploited, ranged from remote code execution to privilege escalation and information disclosure.
One of these flaws is an RCE bug in Microsoft Word. Identified as CVE-2023-28311 (CVSS 7.8), the vulnerability seemed easily exploitable, as an adversary could trigger the flaw by merely luring the target user into clicking a maliciously crafted document. Nonetheless, Microsoft confirmed discovering no active exploitation of the flaw before the fix.
Alongside these bug fixes, the April Patch Tuesday also includes patches for some already-known low-severity vulnerabilities in Microsoft Edge.
Although the entire update bundle will reach Microsoft users automatically, it is still safer to update systems manually to receive the bug fixes sooner and avoid malicious attacks.