CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.94 High
Percentile: 99.0%

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays.
Alternative video link (for Russia): <https://vk.com/video-149273431_456239118>
This month I decided to change the format a bit. Now I share my impression of Microsoft Patch Tuesday on the same Patch Tuesday day in my main Telegram channel avleonovcom and my second Russian Telegram channel avleonovrus. You can also find a draft of the Vulristics report there. So please subscribe. And the full blog post/video is published with a delay. And, in fact, this is it.
As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.
```
$ cat comments_links.txt
ZDI|The February 2023 Security Update Overview|https://www.thezdi.com/blog/2023/2/14/the-february-2023-security-update-overview
KrebsOnSecurity|Microsoft Patch Tuesday, February 2023 Edition|https://krebsonsecurity.com/2023/02/microsoft-patch-tuesday-february-2023-edition/
Qualys|The February 2023 Patch Tuesday Security Update Review|https://blog.qualys.com/vulnerabilities-threat-research/patch-tuesday/2023/02/14/the-february-2023-patch-tuesday-security-update-review
$ python3 vulristics.py --report-type "ms_patch_tuesday_extended" --mspt-year 2023 --mspt-month "February" --mspt-comments-links-path "comments_links.txt" --rewrite-flag "True"
...
Creating Patch Tuesday profile...
MS PT Year: 2023
MS PT Month: February
MS PT Date: 2023-02-14
MS PT CVEs found: 78
Ext MS PT Date from: 2023-01-11
Ext MS PT Date to: 2023-02-13
Ext MS PT CVEs found: 34
ALL MS PT CVEs: 112
```
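
How the dates in the run output above relate to each other, as an added example (not code from Vulristics). It assumes Patch Tuesday is the second Tuesday of the month and that the extended window runs from the day after the previous Patch Tuesday to the day before the current one, which matches the dates printed above; the function names are hypothetical, and the parser assumes the `source|title|url` layout shown in `comments_links.txt`.

```python
from datetime import date, timedelta
from urllib.parse import urlparse


def patch_tuesday(year: int, month: int) -> date:
    """Return the second Tuesday of the given month."""
    first = date(year, month, 1)
    # date.weekday(): Monday == 0, Tuesday == 1
    days_to_first_tuesday = (1 - first.weekday()) % 7
    return first + timedelta(days=days_to_first_tuesday + 7)


def extended_window(year: int, month: int) -> tuple[date, date]:
    """Assumed 'extended' range: the days strictly between two Patch Tuesdays."""
    current = patch_tuesday(year, month)
    prev_year, prev_month = (year - 1, 12) if month == 1 else (year, month - 1)
    previous = patch_tuesday(prev_year, prev_month)
    return previous + timedelta(days=1), current - timedelta(days=1)


def classify(published: date, year: int, month: int) -> str:
    """Say which part of the report a CVE publication date would fall into."""
    start, end = extended_window(year, month)
    if published == patch_tuesday(year, month):
        return "patch_tuesday"
    if start <= published <= end:
        return "extended"
    return "out_of_scope"


def parse_comment_links(text: str) -> list[dict]:
    """Parse 'source|title|url' lines and reject anything that is not http(s)."""
    entries = []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        parts = line.strip().split("|", 2)
        if len(parts) != 3:
            raise ValueError(f"line {number}: expected source|title|url")
        source, title, url = parts
        parsed = urlparse(url)
        if parsed.scheme not in ("http", "https") or not parsed.netloc:
            raise ValueError(f"line {number}: not an http(s) URL: {url!r}")
        entries.append({"source": source, "title": title, "url": url})
    return entries


if __name__ == "__main__":
    print("MS PT Date:", patch_tuesday(2023, 2))
    print("Ext MS PT range:", *extended_window(2023, 2))
```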
Information Disclosure - Microsoft HoloLens 1 (CVE-2019-15126). In fact, this is an old Broadcom vulnerability with a bunch of exploits. Microsoft HoloLens (1st gen) was the world's first fully untethered holographic computer. It was released in March 2016. An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic. Broadcom no longer supports their hardware on any Windows platforms. As such there is no security update available to address this vulnerability. But there are some security recommendations.
Full Vulristics report: ms_patch_tuesday_february2023