Microsoft Security Bulletin Coverage for January 2023

The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of January 2023. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2023-21552 Windows GDI Elevation of Privilege Vulnerability
ASPY 392: Malicious-exe exe.MP_294

CVE-2023-21674 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
ASPY 393: Malicious-exe exe.MP_295

CVE-2023-21768 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
ASPY 396: Malicious-exe exe.MP_296

Adobe Coverage:
CVE-2023-21604 Acrobat Reader Buffer Overflow
ASPY 397: Malformed-File pdf.MP_563

CVE-2023-21605 Acrobat Reader Buffer Overflow
ASPY 398: Malformed-File pdf.MP_564

CVE-2023-21581 Acrobat Reader Out-of-bounds Read
ASPY 399: Malformed-File pdf.MP_565

The following vulnerabilities do not have exploits in the wild:
CVE-2023-21524 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21525 Windows Encrypting File System (EFS) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21527 Windows iSCSI Service Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21531 Azure Service Fabric Container Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21532 Windows GDI Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21535 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21536 Event Tracing for Windows Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21537 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21538 .NET Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21539 Windows Authentication Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21540 Windows Cryptographic Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21541 Windows Task Scheduler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21542 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21543 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21546 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21547 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21548 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21549 Windows Workstation Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21550 Windows Cryptographic Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21551 Microsoft Cryptographic Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21555 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21556 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21557 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21558 Windows Error Reporting Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21559 Windows Cryptographic Services Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21560 Windows Boot Manager Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-21561 Microsoft Cryptographic Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21563 BitLocker Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-21675 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21676 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21677 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21678 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21679 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21680 Windows Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21681 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21682 Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21683 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21724 Microsoft DWM Core Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21725 Microsoft Windows Defender Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21726 Windows Credential Manager User Interface Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21727 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21728 Windows Netlogon Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21729 Remote Procedure Call Runtime Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21730 Windows Cryptographic Services Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21732 Microsoft ODBC Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21733 Windows Bind Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21734 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21735 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21736 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21737 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21738 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21739 Windows Bluetooth Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21741 Microsoft Office Visio Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21742 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21743 Microsoft SharePoint Server Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-21744 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21745 Microsoft Exchange Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-21746 Windows NTLM Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21747 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21748 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21749 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21750 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21752 Windows Backup Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21753 Event Tracing for Windows Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21754 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21755 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21757 Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21758 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-21759 Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-21760 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21761 Microsoft Exchange Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21762 Microsoft Exchange Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-21763 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21764 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21765 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21766 Windows Overlay Filter Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21767 Windows Overlay Filter Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21771 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21772 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21773 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21774 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-21776 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-21779 Visual Studio Code Remote Code Execution
There are no known exploits in the wild.
CVE-2023-21780 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21781 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21782 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21783 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21784 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21785 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21786 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21787 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21788 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21789 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21790 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21791 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21792 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-21793 3D Builder Remote Code Execution Vulnerability
There are no known exploits in the wild.
