Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)

The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823). The three zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823) CVE-2023-21715 a vulnerability that allows attackers to bypass a Microsoft Publisher security feature: Office macro policies used to block untrusted or malicious files. “The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit … More →

The post …

actively exploited attack attackers authentication block bypass cve cve-2023-21715 cve-2023-21823 cve-2023-23376 don't miss exploited february files flaws hot stuff locally macro malicious microsoft microsoft exchange office patch patches patch tuesday policies publisher security security update system trend micro tuesday untrusted vulnerabilities vulnerability zero-day zero-day flaws zero-days