Three New Zero-Day IT Patches for 2023

by | Feb 21, 2023 | INSI

 

So far this year, Microsoft has already issued three new Zero-Day IT Patches. The patches are for Microsoft Office, Windows Graphic Component, and Windows Common Log File System Driver. Combined, they contain 75 newly diagnosed vulnerabilities and exposures.

This is just one more example of why all MSPs in Atlanta Ga should perform regular preventive maintenance on their clients’ networks.

What is Patch Tuesday?

Patch Tuesday happens on the second Tuesday of every month (and sometimes on the fourth). At this time, Microsoft, Adobe, and Oracle release new patches and updates to protect against new vulnerabilities. Zero-Day exposures should be addressed immediately because more and more hackers will seek to exploit them as each day passes.

What is a Zero-Day IT Patch?

Zero-day patches are patches that must be applied immediately because the days between the discovery of the first attack are the same as when it was discovered. Therefore, the term “zero-day” refers to the vulnerability themselves because they are quickly publicized on the dark web for all hackers to exploit.
About the February 2023 Zero-Day IT Patch Alert

The Zero-Day IT Patch are ranked on severity, and carry Common Vulnerability Scoring Systems (CVSS) at 7.3, 7.5, and 7.8. These scores are high but not critical because it can only be executed locally and gives the attacker system privileges. Some people disagree with the CVSS rating on this patch because it could provide complete control of a Windows Endpoint if paired with another attack.

Here are the latest Microsoft Zero-day IT Patches:

CVE-2023-21715 –This Microsoft Office attack is carried about by authenticated user to target a system through social engineering. This attack convinces the victim to download and open files from a website to infiltrate the victim’s computer. Once they access the target, cybercriminals bypass the Office macro policies to block untrusted or malicious files.

CVE-2023-21823 – This Windows Graphic Component attack happens when a user disables automatic updates for the Microsoft Store. This particular type of exploit is an arbitrary code execution that is carried out locally. Your MSP can update the zero-patch through the Microsoft Store.

CVE-2023-23376 – A cybercriminal can get system privileges if they successfully exploit Windows Common Log File System Driver vulnerability. This particular attack is targeted toward certain 2008 and 2012 servers and the patch is dependent on the particular type of server.

Your MSP Responsibilities

Every software application has weaknesses, and it is only a matter of time before bad actors discover them. For this reason, it is just as important to monitor desktops and servers because end-users are your biggest weakness. That’s why your MSP needs to perform regular preventive maintenance and network monitoring. Your MSP should address these Zero Day IT patch NOW. Not tomorrow or next week. They need to do it now if they haven’t already!

INSI is Here for You

At INSI, we take server maintenance very seriously. Not only do we have Microsoft Windows experts on staff to apply the latest Zero-day IT patches, but we also regularly perform onsite preventive maintenance for our clients. With INSI, you always have the latest updates and patches to protect your network. Contact us to reach the best MSP in Atlanta: 770-387-2424, option 2.

About INSI: The Best MSP in Atlanta!

Innovative Network Systems, Inc. has a unique approach to integrating IT support and cybersecurity. Our month-to-month programs range from basic support to proactive support, managed support, and customized support. Each program is tailored to the client’s needs and internal IT strengths.  

For more information about cybersecurity dangers and the preventative measures for your company, connect with the top MSP in Atlanta; Contact INSI: 770-387-2424, option 2 or click the link below. In addition, we offer 16 different cybersecurity programs to protect you and your data.

About the Author

Deborah Frazier is the author of IT Outsourcing Secrets – A Small Business Guide to Compare IT Support Companies. With 20 years of experience consulting small- and medium-sized businesses on their IT support needs, she brings a wealth of knowledge to INSI as Head of Marketing and Sales. If you like this article and want to be notified when a new article becomes available, click here.