Welcome to our summary of the April 2023 Microsoft Patch Tuesday. We have tabulated the vulnerabilities that the latest patches from Microsoft fix, so that you can easily export them for use in your vulnerability management program.

Rootshell users have already benefited from the platform’s Active Exploit Detection, which automatically alerts you to active exploits affecting issues within your estate.

Microsoft’s April 2023 Patch Tuesday announces fixes for 97 issues, including a fix for a zero day vulnerability.

7 of the 97 vulnerabilities are Critical as they allow remote code execution.

This update contains 20 Elevation of Privilege Vulnerabilities, 8 Security Feature Bypass Vulnerabilities, 45 Remote Code Execution Vulnerabilities, 10 Information Disclosure Vulnerabilities, 9 Denial of Service Vulnerabilities, and 6 Spoofing Vulnerabilities.

The zero-day vulnerability fixed in April’s Patch Tuesday update is:

• CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

[wpdatatable id=”14″ /][wpdatatable id=”0″ /]