April 11, 2023

Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws

April 11, 2023
5:29 pm

Tag
CVE ID
CVE Title
Severity
.NET Core
CVE-2023-28260
.NET DLL Hijacking Remote Code Execution Vulnerability
Important
Azure Machine Learning
CVE-2023-28312
Azure Machine Learning Information Disclosure Vulnerability
Important
Azure Service Connector
CVE-2023-28300
Azure Service Connector Security Feature Bypass Vulnerability
Important
Microsoft Bluetooth Driver
CVE-2023-28227
Windows Bluetooth Driver Remote Code Execution Vulnerability
Important
Microsoft Defender for Endpoint
CVE-2023-24860
Microsoft Defender Denial of Service Vulnerability
Important
Microsoft Dynamics
CVE-2023-28314
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2023-28309
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics 365 Customer Voice
CVE-2023-28313
Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability
Important
Microsoft Edge (Chromium-based)
CVE-2023-28284
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Moderate
Microsoft Edge (Chromium-based)
CVE-2023-1823
Chromium: CVE-2023-1823 Inappropriate implementation in FedCM
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-28301
Microsoft Edge (Chromium-based) Tampering Vulnerability
Low
Microsoft Edge (Chromium-based)
CVE-2023-1810
Chromium: CVE-2023-1810 Heap buffer overflow in Visuals
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-24935
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Microsoft Edge (Chromium-based)
CVE-2023-1819
Chromium: CVE-2023-1819 Out of bounds read in Accessibility
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1818
Chromium: CVE-2023-1818 Use after free in Vulkan
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1814
Chromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe Browsing
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1821
Chromium: CVE-2023-1821 Inappropriate implementation in WebShare
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1811
Chromium: CVE-2023-1811 Use after free in Frames
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1820
Chromium: CVE-2023-1820 Heap buffer overflow in Browser History
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1816
Chromium: CVE-2023-1816 Incorrect security UI in Picture In Picture
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1815
Chromium: CVE-2023-1815 Use after free in Networking APIs
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1822
Chromium: CVE-2023-1822 Incorrect security UI in Navigation
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1813
Chromium: CVE-2023-1813 Inappropriate implementation in Extensions
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1812
Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1817
Chromium: CVE-2023-1817 Insufficient policy enforcement in Intents
Unknown
Microsoft Graphics Component
CVE-2023-24912
Windows Graphics Component Elevation of Privilege Vulnerability
Important
Microsoft Message Queuing
CVE-2023-21769
Microsoft Message Queuing Denial of Service Vulnerability
Important
Microsoft Message Queuing
CVE-2023-21554
Microsoft Message Queuing Remote Code Execution Vulnerability
Critical
Microsoft Office
CVE-2023-28285
Microsoft Office Graphics Remote Code Execution Vulnerability
Important
Microsoft Office Publisher
CVE-2023-28295
Microsoft Publisher Remote Code Execution Vulnerability
Important
Microsoft Office Publisher
CVE-2023-28287
Microsoft Publisher Remote Code Execution Vulnerability
Important
Microsoft Office SharePoint
CVE-2023-28288
Microsoft SharePoint Server Spoofing Vulnerability
Important
Microsoft Office Word
CVE-2023-28311
Microsoft Word Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-28243
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24883
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24927
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24925
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24924
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24885
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24928
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24884
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24926
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24929
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24887
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24886
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft WDAC OLE DB provider for SQL
CVE-2023-28275
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28256
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28278
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28307
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28306
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28223
Windows Domain Name Service Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28254
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28305
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28308
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28255
Windows DNS Server Remote Code Execution Vulnerability
Important
Microsoft Windows DNS
CVE-2023-28277
Windows DNS Server Information Disclosure Vulnerability
Important
SQL Server
CVE-2023-23384
Microsoft SQL Server Remote Code Execution Vulnerability
Important
SQL Server
CVE-2023-23375
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
Important
SQL Server
CVE-2023-28304
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
Important
Visual Studio
CVE-2023-28299
Visual Studio Spoofing Vulnerability
Important
Visual Studio
CVE-2023-28262
Visual Studio Elevation of Privilege Vulnerability
Important
Visual Studio
CVE-2023-28263
Visual Studio Information Disclosure Vulnerability
Important
Visual Studio
CVE-2023-28296
Visual Studio Remote Code Execution Vulnerability
Important
Visual Studio Code
CVE-2023-24893
Visual Studio Code Remote Code Execution Vulnerability
Important
Windows Active Directory
CVE-2023-28302
Microsoft Message Queuing Denial of Service Vulnerability
Important
Windows ALPC
CVE-2023-28236
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows ALPC
CVE-2023-28216
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Important
Windows Ancillary Function Driver for WinSock
CVE-2023-28218
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Important
Windows Boot Manager
CVE-2023-28269
Windows Boot Manager Security Feature Bypass Vulnerability
Important
Windows Boot Manager
CVE-2023-28249
Windows Boot Manager Security Feature Bypass Vulnerability
Important
Windows Clip Service
CVE-2023-28273
Windows Clip Service Elevation of Privilege Vulnerability
Important
Windows CNG Key Isolation Service
CVE-2023-28229
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Important
Windows Common Log File System Driver
CVE-2023-28266
Windows Common Log File System Driver Information Disclosure Vulnerability
Important
Windows Common Log File System Driver
CVE-2023-28252
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Important
Windows DHCP Server
CVE-2023-28231
DHCP Server Service Remote Code Execution Vulnerability
Critical
Windows Enroll Engine
CVE-2023-28226
Windows Enroll Engine Security Feature Bypass Vulnerability
Important
Windows Error Reporting
CVE-2023-28221
Windows Error Reporting Service Elevation of Privilege Vulnerability
Important
Windows Group Policy
CVE-2023-28276
Windows Group Policy Security Feature Bypass Vulnerability
Important
Windows Internet Key Exchange (IKE) Protocol
CVE-2023-28238
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
Important
Windows Kerberos
CVE-2023-28244
Windows Kerberos Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-28271
Windows Kernel Memory Information Disclosure Vulnerability
Important
Windows Kernel
CVE-2023-28248
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-28222
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-28272
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-28293
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-28253
Windows Kernel Information Disclosure Vulnerability
Important
Windows Kernel
CVE-2023-28237
Windows Kernel Remote Code Execution Vulnerability
Important
Windows Kernel
CVE-2023-28298
Windows Kernel Denial of Service Vulnerability
Important
Windows Layer 2 Tunneling Protocol
CVE-2023-28219
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Critical
Windows Layer 2 Tunneling Protocol
CVE-2023-28220
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Critical
Windows Lock Screen
CVE-2023-28270
Windows Lock Screen Security Feature Bypass Vulnerability
Important
Windows Lock Screen
CVE-2023-28235
Windows Lock Screen Security Feature Bypass Vulnerability
Important
Windows Netlogon
CVE-2023-28268
Netlogon RPC Elevation of Privilege Vulnerability
Important
Windows Network Address Translation (NAT)
CVE-2023-28217
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Important
Windows Network File System
CVE-2023-28247
Windows Network File System Information Disclosure Vulnerability
Important
Windows Network Load Balancing
CVE-2023-28240
Windows Network Load Balancing Remote Code Execution Vulnerability
Important
Windows NTLM
CVE-2023-28225
Windows NTLM Elevation of Privilege Vulnerability
Important
Windows PGM
CVE-2023-28250
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Critical
Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-28224
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
Important
Windows Point-to-Point Tunneling Protocol
CVE-2023-28232
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Critical
Windows Raw Image Extension
CVE-2023-28291
Raw Image Extension Remote Code Execution Vulnerability
Critical
Windows Raw Image Extension
CVE-2023-28292
Raw Image Extension Remote Code Execution Vulnerability
Important
Windows RDP Client
CVE-2023-28228
Windows Spoofing Vulnerability
Important
Windows RDP Client
CVE-2023-28267
Remote Desktop Protocol Client Information Disclosure Vulnerability
Important
Windows Registry
CVE-2023-28246
Windows Registry Elevation of Privilege Vulnerability
Important
Windows RPC API
CVE-2023-21729
Remote Procedure Call Runtime Information Disclosure Vulnerability
Important
Windows RPC API
CVE-2023-21727
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Important
Windows RPC API
CVE-2023-28297
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability
Important
Windows Secure Channel
CVE-2023-24931
Windows Secure Channel Denial of Service Vulnerability
Important
Windows Secure Channel
CVE-2023-28233
Windows Secure Channel Denial of Service Vulnerability
Important
Windows Secure Socket Tunneling Protocol (SSTP)
CVE-2023-28241
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
Important
Windows Transport Security Layer (TLS)
CVE-2023-28234
Windows Secure Channel Denial of Service Vulnerability
Important
Windows Win32K
CVE-2023-28274
Windows Win32k Elevation of Privilege Vulnerability
Important
Windows Win32K
CVE-2023-24914
Win32k Elevation of Privilege Vulnerability
Important

Adblock test (Why?)

Insights

Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws

Share:

Related Posts

HackerOne paid $81 million in bug bounties over the past year

DrayTek warns of remote code execution bug in Vigor routers

Microsoft Outlook stops displaying inline SVG images used in attacks

Clop extortion emails claim theft of Oracle E-Business Suite data

Red Hat confirms security incident after hackers claim GitHub breach

Android spyware campaigns impersonate Signal and ToTok messengers

Share:

Quick Links

Support

Need help?

Location

Looking for collaboration?

Get in touch