The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823). The three zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823) CVE-2023-21715 a vulnerability that allows attackers to bypass a Microsoft Publisher security feature: Office macro policies used to block untrusted or malicious files. “The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit … Continue reading Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)