Microsoft February Patch Tuesday has been released to Windows to fix the security vulnerabilities. As per the Techradar report, this patch can fix 77 identified flaws in Windows.
Patch Tuesday is a union formed by Microsoft and other well-known software companies to release regular product updates. This update for Microsoft products is scheduled for the second Tuesday of each month. Now, the update is here to fix some critical Windows security flaws.
According to the company’s announcement, this update fixes 12 Elevation of Privilege Vulnerabilities, 8 Spoofing Vulnerabilities, 10 Denial of Service Vulnerabilities, 8 Information Disclosure flaws, 38 Remote Code Execution Vulnerabilities, and 2 Security Feature Bypass flaws.
February Patch Tuesday is now ready to download through Microsoft Store
The February Patch Tuesday also covered three zero-day vulnerabilities. This name is applied to those kinds of flaws that are spotted in software but aren’t patched yet. It allows hackers to exploit victims’ devices and steal data. The zero-day flaws in Windows reportedly allowed attackers to execute codes remotely, get a system privilege, and bypass Office macro policies.
The zero-day vulnerabilities patched in the February update include CVE-2023-21823 (Windows graphics component remote code execution), CVE-2023-21715 (Microsoft publisher security features bypass), and CVE-2023-23376 (Windows common log file system driver elevation of privilege vulnerability).
According to Microsoft, “The attack itself is carried out locally by a user with authentication to the targeted system.” The company also explains that the hackers can trick victims into downloading specially crafted files from a website which could lead to a local attack on the victim’s computer.
Unlike regular updates that are released through Windows Update, the February Patch Tuesday is available on Microsoft Store. If you’ve disabled the automatic updates in Microsoft Store, you’ll need to activate it manually to be able to get the update.
Other software companies like Adobe, Apple, Cisco, and Atlassian released a February 2023 patch for their products. Likewise, the February security patch is also rolled out to Pixel devices.