Microsoft’s February Patch Tuesday Updates Fix 75 Windows Vulnerabilities

Windows 11

Microsoft has released today the February 2023 Patch Tuesday updates for Windows 11 and Windows 10. As usual, the company fixed dozens of vulnerabilities in Windows and other components, including two security flaws that are already being exploited by attackers.

On the quality and experiences update front, Microsoft has brought some fixes to Windows Search on Windows 11 version 22H2. For Windows 11 users still running the version 21H2 of the OS, there are also some notable changes in the Settings apps.   

Let’s take a closer look at the main security fixes Microsoft released today. 

75 vulnerabilities fixed with the February 2023 Patch Tuesday updates

The full list of CVEs released by Microsoft for the month of February includes two undisclosed vulnerabilities rated “Important” that are already being exploited by attackers. Here are the most important fixed vulnerabilities you should know about. 

  • CVE-2023-21715: This Microsoft Publisher Security Features Bypass Vulnerability is already being exploited by attackers. It requires users to open specially crafted files allowing attackers to bypass Office macro policies used to block untrusted or malicious files.
  • CVE-2023-23376: This Windows Common Log File System Driver Elevation of Privilege Vulnerability is also already being exploited by attackers to gain system privileges.
  • CVE-2023-21689: This is a Remote Code Execution Vulnerability in the Microsoft Protected Extensible Authentication Protocol (PEAP) that could allow attackers to trigger malicious code in the context of the server’s account through a network call.
  • CVE-2023-21529: This Microsoft Exchange Server Remote Code Execution Vulnerability could allow authenticated attackers to target the server accounts in an arbitrary or remote code execution.
  • CVE-2023-21716: This Microsoft Word Remote Code Execution Vulnerability uses the Preview Pane as the attack vector. An unauthenticated attacker could send a malicious e-mail containing an RTF payload that would allow them to gain access and execute commands. 

Here’s the full list of CVEs released by Microsoft this month:

ProductImpactMax SeverityArticleDetails
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5022899CVE-2023-21823
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5022894CVE-2023-21823
Windows Server 2012 R2Elevation of PrivilegeImportant5022899CVE-2023-21823
Windows Server 2012 R2Elevation of PrivilegeImportant5022894CVE-2023-21823
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5022903CVE-2023-21823
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5022895CVE-2023-21823
Windows Server 2012Elevation of PrivilegeImportant5022903CVE-2023-21823
Windows Server 2012Elevation of PrivilegeImportant5022895CVE-2023-21823
Windows Server 2016 (Server Core installation)Elevation of PrivilegeImportant5022838CVE-2023-21823
Windows Server 2016Elevation of PrivilegeImportant5022838CVE-2023-21823
Windows 10 Version 1607 for x64-based SystemsElevation of PrivilegeImportant5022838CVE-2023-21823
Windows 10 Version 1607 for 32-bit SystemsElevation of PrivilegeImportant5022838CVE-2023-21823
Windows 10 for x64-based SystemsElevation of PrivilegeImportant5022858CVE-2023-21823
Windows 10 for 32-bit SystemsElevation of PrivilegeImportant5022858CVE-2023-21823
Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows 10 Version 21H2 for ARM64-based SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows 10 Version 21H2 for 32-bit SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows 11 version 21H2 for ARM64-based SystemsElevation of PrivilegeImportant5022836CVE-2023-21823
Windows 11 version 21H2 for x64-based SystemsElevation of PrivilegeImportant5022836CVE-2023-21823
Windows 10 Version 20H2 for ARM64-based SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows 10 Version 20H2 for 32-bit SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows 10 Version 20H2 for x64-based SystemsElevation of PrivilegeImportant5022834CVE-2023-21823
Windows Server 2022 (Server Core installation)Elevation of PrivilegeImportant5022842CVE-2023-21823
Windows Server 2022Elevation of PrivilegeImportant5022842CVE-2023-21823
Windows Server 2019 (Server Core installation)Elevation of PrivilegeImportant5022840CVE-2023-21823
Windows Server 2019Elevation of PrivilegeImportant5022840CVE-2023-21823
Windows 10 Version 1809 for ARM64-based SystemsElevation of PrivilegeImportant5022840CVE-2023-21823
Windows 10 Version 1809 for x64-based SystemsElevation of PrivilegeImportant5022840CVE-2023-21823
Windows 10 Version 1809 for 32-bit SystemsElevation of PrivilegeImportant5022840CVE-2023-21823
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionImportant5022835CVE-2023-21805
Windows Server 2012 R2Remote Code ExecutionImportant5022835CVE-2023-21805
Windows Server 2012 (Server Core installation)Remote Code ExecutionImportant5022835CVE-2023-21805
Windows Server 2012Remote Code ExecutionImportant5022835CVE-2023-21805
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionCritical5022899CVE-2023-21692
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionCritical5022894CVE-2023-21692
Windows Server 2012 R2Remote Code ExecutionCritical5022899CVE-2023-21692
Windows Server 2012 R2Remote Code ExecutionCritical5022894CVE-2023-21692
Windows Server 2012 (Server Core installation)Remote Code ExecutionCritical5022903CVE-2023-21692
Windows Server 2012 (Server Core installation)Remote Code ExecutionCritical5022895CVE-2023-21692
Windows Server 2012Remote Code ExecutionCritical5022903CVE-2023-21692
Windows Server 2012Remote Code ExecutionCritical5022895CVE-2023-21692
Windows Server 2016 (Server Core installation)Remote Code ExecutionCritical5022838CVE-2023-21692
Windows Server 2016Remote Code ExecutionCritical5022838CVE-2023-21692
Windows 10 Version 1607 for x64-based SystemsRemote Code ExecutionCritical5022838CVE-2023-21692
Windows 10 Version 1607 for 32-bit SystemsRemote Code ExecutionCritical5022838CVE-2023-21692
Windows 10 for x64-based SystemsRemote Code ExecutionCritical5022858CVE-2023-21692
Windows 10 for 32-bit SystemsRemote Code ExecutionCritical5022858CVE-2023-21692
Windows 10 Version 21H2 for x64-based SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows 10 Version 21H2 for ARM64-based SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows 10 Version 21H2 for 32-bit SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows 11 version 21H2 for ARM64-based SystemsRemote Code ExecutionCritical5022836CVE-2023-21692
Windows 11 version 21H2 for x64-based SystemsRemote Code ExecutionCritical5022836CVE-2023-21692
Windows 10 Version 20H2 for ARM64-based SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows 10 Version 20H2 for 32-bit SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows 10 Version 20H2 for x64-based SystemsRemote Code ExecutionCritical5022834CVE-2023-21692
Windows Server 2022 (Server Core installation)Remote Code ExecutionCritical5022842CVE-2023-21692
Windows Server 2022Remote Code ExecutionCritical5022842CVE-2023-21692
Windows Server 2019 (Server Core installation)Remote Code ExecutionCritical5022840CVE-2023-21692
Windows Server 2019Remote Code ExecutionCritical5022840CVE-2023-21692
Windows 10 Version 1809 for ARM64-based SystemsRemote Code ExecutionCritical5022840CVE-2023-21692
Windows 10 Version 1809 for x64-based SystemsRemote Code ExecutionCritical5022840CVE-2023-21692
Windows 10 Version 1809 for 32-bit SystemsRemote Code ExecutionCritical5022840CVE-2023-21692

Quality and experience updates

On Windows 11 version 22H2, the KB5022845 patch improves app reliability with an IME as well as cursor performance for Japanese Kanji. Regarding Windows Search, Microsoft addressed an issue that was preventing users from searching for a file based on the file’s content, as well as another bug stopping users from opening pictures that appeared in search results in their preferred photo app. 

This update also makes preview .NET Framework updates available to download via Windows Update. Users will now find these updates on the Settings > Windows Update > Advanced options > Optional updates page.

For users still running Windows 11 version 21H2, the KB5022836 patch brings improves the Microsoft Account experience in settings, with the ability to manage OneDrive subscriptions and see storage alerts. This update also combines Windows Spotlight desktop wallpapers with Themes on the Personalization page. 

Lastly, the KB5022384 patch for Windows 10 versions 20H2, 21H2, and 22H2 mostly brings security fixes and minor improvements. Microsoft mentioned a fix for an issue that affected cached Fast Identity Online 2.0 (FIDO2) authentication data. Another issue that was preventing PCs with firmware Trusted Platform Modules to use AutoPilot for setup has also been addressed. 

Microsoft is also rolling out an update to Microsoft Edge today that disables Internet Explorer 11 for good on Windows 10. Users will now have to use the built-in IE mode in Microsoft Edge as a workaround, and this feature will be supported until 2029.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

If you have any problems with this month’s patches, please let us know in the comments below. Other readers might be able to share their experiences in how to roll back problematic updates or mitigate issues caused by patches that are important to have in place.