Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws Cybernoz April 11, 2023 Posted in Bleeping Computer Tag CVE ID CVE Title Severity .NET Core CVE-2023-28260 .NET DLL Hijacking Remote Code Execution Vulnerability Important Azure Machine Learning CVE-2023-28312 Azure Machine Learning Information Disclosure Vulnerability Important Azure Service Connector CVE-2023-28300 Azure Service Connector Security Feature Bypass Vulnerability Important Microsoft Bluetooth Driver CVE-2023-28227 Windows Bluetooth Driver Remote Code Execution Vulnerability Important Microsoft Defender for Endpoint CVE-2023-24860 Microsoft Defender Denial of Service Vulnerability Important Microsoft Dynamics CVE-2023-28314 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-28309 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics 365 Customer Voice CVE-2023-28313 Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-28284 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Microsoft Edge (Chromium-based) CVE-2023-1823 Chromium: CVE-2023-1823 Inappropriate implementation in FedCM Unknown Microsoft Edge (Chromium-based) CVE-2023-28301 Microsoft Edge (Chromium-based) Tampering Vulnerability Low Microsoft Edge (Chromium-based) CVE-2023-1810 Chromium: CVE-2023-1810 Heap buffer overflow in Visuals Unknown Microsoft Edge (Chromium-based) CVE-2023-24935 Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Microsoft Edge (Chromium-based) CVE-2023-1819 Chromium: CVE-2023-1819 Out of bounds read in Accessibility Unknown Microsoft Edge (Chromium-based) CVE-2023-1818 Chromium: CVE-2023-1818 Use after free in Vulkan Unknown Microsoft Edge (Chromium-based) CVE-2023-1814 Chromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe Browsing Unknown Microsoft Edge (Chromium-based) CVE-2023-1821 Chromium: CVE-2023-1821 Inappropriate implementation in WebShare Unknown Microsoft Edge (Chromium-based) CVE-2023-1811 Chromium: CVE-2023-1811 Use after free in Frames Unknown Microsoft Edge (Chromium-based) CVE-2023-1820 Chromium: CVE-2023-1820 Heap buffer overflow in Browser History Unknown Microsoft Edge (Chromium-based) CVE-2023-1816 Chromium: CVE-2023-1816 Incorrect security UI in Picture In Picture Unknown Microsoft Edge (Chromium-based) CVE-2023-1815 Chromium: CVE-2023-1815 Use after free in Networking APIs Unknown Microsoft Edge (Chromium-based) CVE-2023-1822 Chromium: CVE-2023-1822 Incorrect security UI in Navigation Unknown Microsoft Edge (Chromium-based) CVE-2023-1813 Chromium: CVE-2023-1813 Inappropriate implementation in Extensions Unknown Microsoft Edge (Chromium-based) CVE-2023-1812 Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings Unknown Microsoft Edge (Chromium-based) CVE-2023-1817 Chromium: CVE-2023-1817 Insufficient policy enforcement in Intents Unknown Microsoft Graphics Component CVE-2023-24912 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Message Queuing CVE-2023-21769 Microsoft Message Queuing Denial of Service Vulnerability Important Microsoft Message Queuing CVE-2023-21554 Microsoft Message Queuing Remote Code Execution Vulnerability Critical Microsoft Office CVE-2023-28285 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office Publisher CVE-2023-28295 Microsoft Publisher Remote Code Execution Vulnerability Important Microsoft Office Publisher CVE-2023-28287 Microsoft Publisher Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2023-28288 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office Word CVE-2023-28311 Microsoft Word Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-28243 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24883 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft Printer Drivers CVE-2023-24927 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24925 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24924 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24885 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24928 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24884 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24926 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24929 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24887 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Printer Drivers CVE-2023-24886 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft WDAC OLE DB provider for SQL CVE-2023-28275 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28256 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28278 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28307 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28306 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28223 Windows Domain Name Service Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28254 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28305 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28308 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28255 Windows DNS Server Remote Code Execution Vulnerability Important Microsoft Windows DNS CVE-2023-28277 Windows DNS Server Information Disclosure Vulnerability Important SQL Server CVE-2023-23384 Microsoft SQL Server Remote Code Execution Vulnerability Important SQL Server CVE-2023-23375 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability Important SQL Server CVE-2023-28304 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability Important Visual Studio CVE-2023-28299 Visual Studio Spoofing Vulnerability Important Visual Studio CVE-2023-28262 Visual Studio Elevation of Privilege Vulnerability Important Visual Studio CVE-2023-28263 Visual Studio Information Disclosure Vulnerability Important Visual Studio CVE-2023-28296 Visual Studio Remote Code Execution Vulnerability Important Visual Studio Code CVE-2023-24893 Visual Studio Code Remote Code Execution Vulnerability Important Windows Active Directory CVE-2023-28302 Microsoft Message Queuing Denial of Service Vulnerability Important Windows ALPC CVE-2023-28236 Windows Kernel Elevation of Privilege Vulnerability Important Windows ALPC CVE-2023-28216 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2023-28218 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Boot Manager CVE-2023-28269 Windows Boot Manager Security Feature Bypass Vulnerability Important Windows Boot Manager CVE-2023-28249 Windows Boot Manager Security Feature Bypass Vulnerability Important Windows Clip Service CVE-2023-28273 Windows Clip Service Elevation of Privilege Vulnerability Important Windows CNG Key Isolation Service CVE-2023-28229 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2023-28266 Windows Common Log File System Driver Information Disclosure Vulnerability Important Windows Common Log File System Driver CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows DHCP Server CVE-2023-28231 DHCP Server Service Remote Code Execution Vulnerability Critical Windows Enroll Engine CVE-2023-28226 Windows Enroll Engine Security Feature Bypass Vulnerability Important Windows Error Reporting CVE-2023-28221 Windows Error Reporting Service Elevation of Privilege Vulnerability Important Windows Group Policy CVE-2023-28276 Windows Group Policy Security Feature Bypass Vulnerability Important Windows Internet Key Exchange (IKE) Protocol CVE-2023-28238 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability Important Windows Kerberos CVE-2023-28244 Windows Kerberos Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-28271 Windows Kernel Memory Information Disclosure Vulnerability Important Windows Kernel CVE-2023-28248 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-28222 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-28272 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-28293 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-28253 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2023-28237 Windows Kernel Remote Code Execution Vulnerability Important Windows Kernel CVE-2023-28298 Windows Kernel Denial of Service Vulnerability Important Windows Layer 2 Tunneling Protocol CVE-2023-28219 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Layer 2 Tunneling Protocol CVE-2023-28220 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Lock Screen CVE-2023-28270 Windows Lock Screen Security Feature Bypass Vulnerability Important Windows Lock Screen CVE-2023-28235 Windows Lock Screen Security Feature Bypass Vulnerability Important Windows Netlogon CVE-2023-28268 Netlogon RPC Elevation of Privilege Vulnerability Important Windows Network Address Translation (NAT) CVE-2023-28217 Windows Network Address Translation (NAT) Denial of Service Vulnerability Important Windows Network File System CVE-2023-28247 Windows Network File System Information Disclosure Vulnerability Important Windows Network Load Balancing CVE-2023-28240 Windows Network Load Balancing Remote Code Execution Vulnerability Important Windows NTLM CVE-2023-28225 Windows NTLM Elevation of Privilege Vulnerability Important Windows PGM CVE-2023-28250 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical Windows Point-to-Point Protocol over Ethernet (PPPoE) CVE-2023-28224 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Important Windows Point-to-Point Tunneling Protocol CVE-2023-28232 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Critical Windows Raw Image Extension CVE-2023-28291 Raw Image Extension Remote Code Execution Vulnerability Critical Windows Raw Image Extension CVE-2023-28292 Raw Image Extension Remote Code Execution Vulnerability Important Windows RDP Client CVE-2023-28228 Windows Spoofing Vulnerability Important Windows RDP Client CVE-2023-28267 Remote Desktop Protocol Client Information Disclosure Vulnerability Important Windows Registry CVE-2023-28246 Windows Registry Elevation of Privilege Vulnerability Important Windows RPC API CVE-2023-21729 Remote Procedure Call Runtime Information Disclosure Vulnerability Important Windows RPC API CVE-2023-21727 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important Windows RPC API CVE-2023-28297 Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability Important Windows Secure Channel CVE-2023-24931 Windows Secure Channel Denial of Service Vulnerability Important Windows Secure Channel CVE-2023-28233 Windows Secure Channel Denial of Service Vulnerability Important Windows Secure Socket Tunneling Protocol (SSTP) CVE-2023-28241 Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability Important Windows Transport Security Layer (TLS) CVE-2023-28234 Windows Secure Channel Denial of Service Vulnerability Important Windows Win32K CVE-2023-28274 Windows Win32k Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-24914 Win32k Elevation of Privilege Vulnerability Important Source link