Microsoft released its February 2023 Patch Tuesday updates today, which includes fixes for three actively exploited zero-day vulnerabilities. The three zero-day vulnerabilities are CVE-2023-21715, CVE-2023-21823, and CVE-2023-23376. CVE-2023-21823 is a Windows Graphics Component Remote Code Execution Vulnerability discovered by Dhanesh Kizhakkinan, Genwei Jiang, and Dhanesh Kizhakkinan of Mandiant. Microsoft says this remote code execution vulnerability allows attackers to execute commands with SYSTEM privileges. CVE-2023-21715 is a Microsoft Publisher Security Features Bypass Vulnerability discovered by Hidetake Jo of Microsoft. This vulnerability allows a specially crafted document to bypass Office macro policies that block untrusted or malicious files. Lastly, CVE-2023-23376 is a Windows Common Log File System Driver Elevation of Privilege Vulnerability discovered by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC). According to Microsoft, "an attacker who successfully exploited this vulnerability could gain SYSTEM privileges."
Microsoft has warned users to be aware of social engineering attacks, as "an authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer." Other vendors who released updates in February 2023 include Adobe, Apple, Google, and SAP.