The Microsoft February 2023 security updates have been released and consist of 75 new CVEs. Of these CVEs, 9 are rated critical and 66 are rated important in severity. At the time of release, two are listed as publicly known and none as being in the wild.
The security updates apply to the following products, features, and roles: .NET and Visual Studio, .NET Framework, 3D Builder, Azure App Service, Azure Data Box Gateway,.Azure DevOps,.Azure Machine Learning, HoloLens, Internet Storage Name Service, Microsoft Defender for Endpoint, Microsoft Defender for IoT, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office OneNote, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Word, Microsoft PostScript Printer Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Codecs Library, Power BI, SQL Server, Visual Studio, Windows Active Directory, Windows ALPC, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Distributed File System (DFS), Windows Fax and Scan Service, Windows HTTP.sys, Windows Installer, Windows iSCSI, Windows Kerberos, Windows MSHTML Platform, Windows ODBC Driver, Windows Protected EAP (PEAP), Windows SChannel, and Windows Win32K.
See the long list of KBs at the bottom of the page at February 2023 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.
Important:
After March 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates (known as the "B" or Update Tuesday release) will continue for these versions. Windows 10, version 22H2 will continue to receive security and optional releases.
Also, as of today, the retired, out-of-support Internet Explorer 11 desktop application will be permanently turned off using a Microsoft Edge update on certain versions of Windows 10. See the Internet Explorer 11 desktop app retirement FAQ for more information.
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative -- The February 2023 Security Update Review.
Additional Update Notes:
- MSRT -- The Malicious Software Removal Tool is now run on a quarterly basis rather than monthly. See Remove specific prevalent malware with Windows Malicious Software Removal Tool.
- Servicing Stack Updates -- Microsoft now combines the latest servicing stack update (SSU) for your operating system with the Latest Cumulative Updates (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
- Windows updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows, in addition to non-security updates. The updates are also available via search for the KB number in the Microsoft Update Catalog.
- For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows 10 Home and Pro - Microsoft Lifecycle | Microsoft Docs and Windows 11 Home and Pro (Version 21H2) - Microsoft Lifecycle | Microsoft Docs.
- Windows Update History:
References
No comments:
Post a Comment