Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws

TagCVE IDCVE TitleSeverity.NET CoreCVE-2023-28260.NET DLL Hijacking Remote Code Execution VulnerabilityImportantAzure Machine LearningCVE-2023-28312Azure Machine Learning Information Disclosure VulnerabilityImportantAzure Service ConnectorCVE-2023-28300Azure Service Connector Security Feature Bypass VulnerabilityImportantMicrosoft Bluetooth DriverCVE-2023-28227Windows Bluetooth Driver Remote Code Execution VulnerabilityImportantMicrosoft Defender for EndpointCVE-2023-24860Microsoft Defender Denial of Service VulnerabilityImportantMicrosoft DynamicsCVE-2023-28314Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft DynamicsCVE-2023-28309Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportantMicrosoft Dynamics 365 Customer VoiceCVE-2023-28313Microsoft Dynamics 365 Customer Voice Cross-Site Scripting VulnerabilityImportantMicrosoft Edge (Chromium-based)CVE-2023-28284Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityModerateMicrosoft Edge (Chromium-based)CVE-2023-1823Chromium: CVE-2023-1823 Inappropriate implementation in FedCMUnknownMicrosoft Edge (Chromium-based)CVE-2023-28301Microsoft Edge (Chromium-based) Tampering VulnerabilityLowMicrosoft Edge (Chromium-based)CVE-2023-1810Chromium: CVE-2023-1810 Heap buffer overflow in VisualsUnknownMicrosoft Edge (Chromium-based)CVE-2023-24935Microsoft Edge (Chromium-based) Spoofing VulnerabilityLowMicrosoft Edge (Chromium-based)CVE-2023-1819Chromium: CVE-2023-1819 Out of bounds read in AccessibilityUnknownMicrosoft Edge (Chromium-based)CVE-2023-1818Chromium: CVE-2023-1818 Use after free in VulkanUnknownMicrosoft Edge (Chromium-based)CVE-2023-1814Chromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe BrowsingUnknownMicrosoft Edge (Chromium-based)CVE-2023-1821Chromium: CVE-2023-1821 Inappropriate implementation in WebShareUnknownMicrosoft Edge (Chromium-based)CVE-2023-1811Chromium: CVE-2023-1811 Use after free in FramesUnknownMicrosoft Edge (Chromium-based)CVE-2023-1820Chromium: CVE-2023-1820 Heap buffer overflow in Browser HistoryUnknownMicrosoft Edge (Chromium-based)CVE-2023-1816Chromium: CVE-2023-1816 Incorrect security UI in Picture In PictureUnknownMicrosoft Edge (Chromium-based)CVE-2023-1815Chromium: CVE-2023-1815 Use after free in Networking APIsUnknownMicrosoft Edge (Chromium-based)CVE-2023-1822Chromium: CVE-2023-1822 Incorrect security UI in NavigationUnknownMicrosoft Edge (Chromium-based)CVE-2023-1813Chromium: CVE-2023-1813 Inappropriate implementation in ExtensionsUnknownMicrosoft Edge (Chromium-based)CVE-2023-1812Chromium: CVE-2023-1812 Out of bounds memory access in DOM BindingsUnknownMicrosoft Edge (Chromium-based)CVE-2023-1817Chromium: CVE-2023-1817 Insufficient policy enforcement in IntentsUnknownMicrosoft Graphics ComponentCVE-2023-24912Windows Graphics Component Elevation of Privilege VulnerabilityImportantMicrosoft Message QueuingCVE-2023-21769Microsoft Message Queuing Denial of Service VulnerabilityImportantMicrosoft Message QueuingCVE-2023-21554Microsoft Message Queuing Remote Code Execution VulnerabilityCriticalMicrosoft OfficeCVE-2023-28285Microsoft Office Graphics Remote Code Execution VulnerabilityImportantMicrosoft Office PublisherCVE-2023-28295Microsoft Publisher Remote Code Execution VulnerabilityImportantMicrosoft Office PublisherCVE-2023-28287Microsoft Publisher Remote Code Execution VulnerabilityImportantMicrosoft Office SharePointCVE-2023-28288Microsoft SharePoint Server Spoofing VulnerabilityImportantMicrosoft Office WordCVE-2023-28311Microsoft Word Remote Code Execution VulnerabilityImportantMicrosoft PostScript Printer DriverCVE-2023-28243Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24883Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24927Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24925Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24924Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24885Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24928Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24884Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24926Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24929Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24887Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft Printer DriversCVE-2023-24886Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2023-28275Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28256Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28278Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28307Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28306Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28223Windows Domain Name Service Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28254Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28305Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28308Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28255Windows DNS Server Remote Code Execution VulnerabilityImportantMicrosoft Windows DNSCVE-2023-28277Windows DNS Server Information Disclosure VulnerabilityImportantSQL ServerCVE-2023-23384Microsoft SQL Server Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-23375Microsoft ODBC and OLE DB Remote Code Execution VulnerabilityImportantSQL ServerCVE-2023-28304Microsoft ODBC and OLE DB Remote Code Execution VulnerabilityImportantVisual StudioCVE-2023-28299Visual Studio Spoofing VulnerabilityImportantVisual StudioCVE-2023-28262Visual Studio Elevation of Privilege VulnerabilityImportantVisual StudioCVE-2023-28263Visual Studio Information Disclosure VulnerabilityImportantVisual StudioCVE-2023-28296Visual Studio Remote Code Execution VulnerabilityImportantVisual Studio CodeCVE-2023-24893Visual Studio Code Remote Code Execution VulnerabilityImportantWindows Active DirectoryCVE-2023-28302Microsoft Message Queuing Denial of Service VulnerabilityImportantWindows ALPCCVE-2023-28236Windows Kernel Elevation of Privilege VulnerabilityImportantWindows ALPCCVE-2023-28216Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege VulnerabilityImportantWindows Ancillary Function Driver for WinSockCVE-2023-28218Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportantWindows Boot ManagerCVE-2023-28269Windows Boot Manager Security Feature Bypass VulnerabilityImportantWindows Boot ManagerCVE-2023-28249Windows Boot Manager Security Feature Bypass VulnerabilityImportantWindows Clip ServiceCVE-2023-28273Windows Clip Service Elevation of Privilege VulnerabilityImportantWindows CNG Key Isolation ServiceCVE-2023-28229Windows CNG Key Isolation Service Elevation of Privilege VulnerabilityImportantWindows Common Log File System DriverCVE-2023-28266Windows Common Log File System Driver Information Disclosure VulnerabilityImportantWindows Common Log File System DriverCVE-2023-28252Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportantWindows DHCP ServerCVE-2023-28231DHCP Server Service Remote Code Execution VulnerabilityCriticalWindows Enroll EngineCVE-2023-28226Windows Enroll Engine Security Feature Bypass VulnerabilityImportantWindows Error ReportingCVE-2023-28221Windows Error Reporting Service Elevation of Privilege VulnerabilityImportantWindows Group PolicyCVE-2023-28276Windows Group Policy Security Feature Bypass VulnerabilityImportantWindows Internet Key Exchange (IKE) ProtocolCVE-2023-28238Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution VulnerabilityImportantWindows KerberosCVE-2023-28244Windows Kerberos Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2023-28271Windows Kernel Memory Information Disclosure VulnerabilityImportantWindows KernelCVE-2023-28248Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2023-28222Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2023-28272Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2023-28293Windows Kernel Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2023-28253Windows Kernel Information Disclosure VulnerabilityImportantWindows KernelCVE-2023-28237Windows Kernel Remote Code Execution VulnerabilityImportantWindows KernelCVE-2023-28298Windows Kernel Denial of Service VulnerabilityImportantWindows Layer 2 Tunneling ProtocolCVE-2023-28219Layer 2 Tunneling Protocol Remote Code Execution VulnerabilityCriticalWindows Layer 2 Tunneling ProtocolCVE-2023-28220Layer 2 Tunneling Protocol Remote Code Execution VulnerabilityCriticalWindows Lock ScreenCVE-2023-28270Windows Lock Screen Security Feature Bypass VulnerabilityImportantWindows Lock ScreenCVE-2023-28235Windows Lock Screen Security Feature Bypass VulnerabilityImportantWindows NetlogonCVE-2023-28268Netlogon RPC Elevation of Privilege VulnerabilityImportantWindows Network Address Translation (NAT)CVE-2023-28217Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportantWindows Network File SystemCVE-2023-28247Windows Network File System Information Disclosure VulnerabilityImportantWindows Network Load BalancingCVE-2023-28240Windows Network Load Balancing Remote Code Execution VulnerabilityImportantWindows NTLMCVE-2023-28225Windows NTLM Elevation of Privilege VulnerabilityImportantWindows PGMCVE-2023-28250Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCriticalWindows Point-to-Point Protocol over Ethernet (PPPoE)CVE-2023-28224Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution VulnerabilityImportantWindows Point-to-Point Tunneling ProtocolCVE-2023-28232Windows Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCriticalWindows Raw Image ExtensionCVE-2023-28291Raw Image Extension Remote Code Execution VulnerabilityCriticalWindows Raw Image ExtensionCVE-2023-28292Raw Image Extension Remote Code Execution VulnerabilityImportantWindows RDP ClientCVE-2023-28228Windows Spoofing VulnerabilityImportantWindows RDP ClientCVE-2023-28267Remote Desktop Protocol Client Information Disclosure VulnerabilityImportantWindows RegistryCVE-2023-28246Windows Registry Elevation of Privilege VulnerabilityImportantWindows RPC APICVE-2023-21729Remote Procedure Call Runtime Information Disclosure VulnerabilityImportantWindows RPC APICVE-2023-21727Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportantWindows RPC APICVE-2023-28297Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege VulnerabilityImportantWindows Secure ChannelCVE-2023-24931Windows Secure Channel Denial of Service VulnerabilityImportantWindows Secure ChannelCVE-2023-28233Windows Secure Channel Denial of Service VulnerabilityImportantWindows Secure Socket Tunneling Protocol (SSTP)CVE-2023-28241Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service VulnerabilityImportantWindows Transport Security Layer (TLS)CVE-2023-28234Windows Secure Channel Denial of Service VulnerabilityImportantWindows Win32KCVE-2023-28274Windows Win32k Elevation of Privilege VulnerabilityImportantWindows Win32KCVE-2023-24914Win32k Elevation of Privilege VulnerabilityImportant