Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws

TagCVE IDCVE TitleSeverity.NET and Visual StudioCVE-2023-21808.NET and Visual Studio Remote Code Execution VulnerabilityCritical.NET FrameworkCVE-2023-21722.NET Framework Denial of Service VulnerabilityImportant3D BuilderCVE-2023-233903D Builder Remote Code Execution VulnerabilityImportant3D BuilderCVE-2023-233773D Builder Remote Code Execution VulnerabilityImportant3D BuilderCVE-2023-23378Print 3D Remote Code Execution VulnerabilityImportantAzure App ServiceCVE-2023-21777Azure App Service on Azure Stack Hub Elevation of Privilege VulnerabilityImportantAzure Data Box GatewayCVE-2023-21703Azure Data Box Gateway Remote Code Execution VulnerabilityImportantAzure DevOpsCVE-2023-21564Azure DevOps Server Cross-Site Scripting VulnerabilityImportantAzure DevOpsCVE-2023-21553Azure DevOps Server Remote Code Execution VulnerabilityImportantAzure Machine LearningCVE-2023-23382Azure Machine Learning Compute Instance Information Disclosure VulnerabilityImportantHoloLensCVE-2019-15126MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN deviceUnknownInternet Storage Name ServiceCVE-2023-21699Windows Internet Storage Name Service (iSNS) Server Information Disclosure VulnerabilityImportantInternet Storage Name ServiceCVE-2023-21697Windows Internet Storage Name Service (iSNS) Server Information Disclosure VulnerabilityImportantMarinerCVE-2022-43552UnknownUnknownMicrosoft Defender for EndpointCVE-2023-21809Microsoft Defender for Endpoint Security Feature Bypass VulnerabilityImportantMicrosoft Defender for IoTCVE-2023-23379Microsoft Defender for IoT Elevation of Privilege VulnerabilityImportantMicrosoft DynamicsCVE-2023-21807Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2023-21573Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2023-21571Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2023-21572Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2023-21778Microsoft Dynamics Unified Service Desk Remote Code Execution VulnerabilityImportantMicrosoft DynamicsCVE-2023-21570Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft Edge (Chromium-based)CVE-2023-23374Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityModerateMicrosoft Edge (Chromium-based)CVE-2023-21794Microsoft Edge (Chromium-based) Spoofing VulnerabilityLowMicrosoft Edge (Chromium-based)CVE-2023-21720Microsoft Edge (Chromium-based) Tampering VulnerabilityLowMicrosoft Exchange ServerCVE-2023-21710Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft Exchange ServerCVE-2023-21707Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft Exchange ServerCVE-2023-21706Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft Exchange ServerCVE-2023-21529Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft Graphics ComponentCVE-2023-21804Windows Graphics Component Elevation of Privilege VulnerabilityImportantMicrosoft Graphics ComponentCVE-2023-21823Windows Graphics Component Remote Code Execution VulnerabilityImportantMicrosoft OfficeCVE-2023-21714Microsoft Office Information Disclosure VulnerabilityImportantMicrosoft Office OneNoteCVE-2023-21721Microsoft OneNote Spoofing VulnerabilityImportantMicrosoft Office PublisherCVE-2023-21715Microsoft Publisher Security Features Bypass VulnerabilityImportantMicrosoft Office SharePointCVE-2023-21717Microsoft SharePoint Server Elevation of Privilege VulnerabilityImportantMicrosoft Office WordCVE-2023-21716Microsoft Word Remote Code Execution VulnerabilityCriticalMicrosoft PostScript Printer DriverCVE-2023-21693Microsoft PostScript Printer Driver Information Disclosure VulnerabilityImportantMicrosoft PostScript Printer DriverCVE-2023-21801Microsoft PostScript Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft PostScript Printer DriverCVE-2023-21684Microsoft PostScript Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2023-21686Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2023-21685Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2023-21799Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft Windows Codecs LibraryCVE-2023-21802Windows Media Remote Code Execution VulnerabilityImportantPower BICVE-2023-21806Power BI Report Server Spoofing VulnerabilityImportantSQL ServerCVE-2023-21713Microsoft SQL Server Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-21718Microsoft SQL ODBC Driver Remote Code Execution VulnerabilityCriticalSQL ServerCVE-2023-21528Microsoft SQL Server Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-21705Microsoft SQL Server Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-21568Microsoft SQL Server Integration Service (VS extension) Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-21704Microsoft ODBC Driver for SQL Server Remote Code Execution VulnerabilityImportantVisual StudioCVE-2023-21566Visual Studio Elevation of Privilege VulnerabilityImportantVisual StudioCVE-2023-21815Visual Studio Remote Code Execution VulnerabilityCriticalVisual StudioCVE-2023-23381Visual Studio Remote Code Execution VulnerabilityCriticalVisual StudioCVE-2023-21567Visual Studio Denial of Service VulnerabilityImportantWindows Active DirectoryCVE-2023-21816Windows Active Directory Domain Services API Denial of Service VulnerabilityImportantWindows ALPCCVE-2023-21688NT OS Kernel Elevation of Privilege VulnerabilityImportantWindows Common Log File System DriverCVE-2023-23376Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportantWindows Common Log File System DriverCVE-2023-21812Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportantWindows Cryptographic ServicesCVE-2023-21813Windows Secure Channel Denial of Service VulnerabilityImportantWindows Cryptographic ServicesCVE-2023-21819Windows Secure Channel Denial of Service VulnerabilityImportantWindows Distributed File System (DFS)CVE-2023-21820Windows Distributed File System (DFS) Remote Code Execution VulnerabilityImportantWindows Fax and Scan ServiceCVE-2023-21694Windows Fax Service Remote Code Execution VulnerabilityImportantWindows HTTP.sysCVE-2023-21687HTTP.sys Information Disclosure VulnerabilityImportantWindows InstallerCVE-2023-21800Windows Installer Elevation of Privilege VulnerabilityImportantWindows iSCSICVE-2023-21803Windows iSCSI Discovery Service Remote Code Execution VulnerabilityCriticalWindows iSCSICVE-2023-21700Windows iSCSI Discovery Service Denial of Service VulnerabilityImportantWindows iSCSICVE-2023-21702Windows iSCSI Service Denial of Service VulnerabilityImportantWindows iSCSICVE-2023-21811Windows iSCSI Service Denial of Service VulnerabilityImportantWindows KerberosCVE-2023-21817Windows Kerberos Elevation of Privilege VulnerabilityImportantWindows MSHTML PlatformCVE-2023-21805Windows MSHTML Platform Remote Code Execution VulnerabilityImportantWindows ODBC DriverCVE-2023-21797Microsoft ODBC Driver Remote Code Execution VulnerabilityImportantWindows ODBC DriverCVE-2023-21798Microsoft ODBC Driver Remote Code Execution VulnerabilityImportantWindows Protected EAP (PEAP)CVE-2023-21695Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityImportantWindows Protected EAP (PEAP)CVE-2023-21701Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service VulnerabilityImportantWindows Protected EAP (PEAP)CVE-2023-21692Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityCriticalWindows Protected EAP (PEAP)CVE-2023-21691Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure VulnerabilityImportantWindows Protected EAP (PEAP)CVE-2023-21690Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityCriticalWindows Protected EAP (PEAP)CVE-2023-21689Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution VulnerabilityCriticalWindows SChannelCVE-2023-21818Windows Secure Channel Denial of Service VulnerabilityImportantWindows Win32KCVE-2023-21822Windows Graphics Component Elevation of Privilege VulnerabilityImportant