{"id":44910,"date":"2023-04-12T11:41:48","date_gmt":"2023-04-12T10:41:48","guid":{"rendered":"https:\/\/www.n-able.com\/?p=44910"},"modified":"2023-04-17T10:28:52","modified_gmt":"2023-04-17T09:28:52","slug":"patch-tuesday-april-2023","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023","title":{"rendered":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0"},"content":{"rendered":"<p class=\"p3\"><span class=\"s1\">April showers bring May flowers, and Patch Tuesdays bring new vulnerabilities that need to be weeded out of our gardens. Microsoft is giving sysadmins plenty to add to their spring cleaning chores with a selection of remote code execution vulnerabilities for Microsoft Office and Microsoft 365 Apps (<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28285\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28285<\/span><\/a>,\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28295\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28295<\/span><\/a>,\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28287\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28287<\/span><\/a>, and\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28311\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28311<\/span><\/a>). Even though these vulnerabilities aren\u2019t under active exploitation yet, they should still be a priority because of their large deployment base. Adding a little challenge here, sysadmins should review how they apply updates as they may be missing out on the use of Microsoft\u2019s Click-to-Run functionality to keep M365 Apps properly updated. <\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft Vulnerabilities <\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">Of the 103 vulnerabilities receiving fixes this month, five are updates to previous fixes. <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-43552\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2022-43552<\/span><\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-26923\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2022-26923<\/span><\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2013-3900\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2013-3900<\/span><\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34716\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2022-34716<\/span><\/a>, and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-38023\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2022-38023<\/span><\/a> all received updates with CVE-2022-38023 needing some additional attention from sysadmins and domain admins concerning <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Netlogon protocol changes<\/span><\/a>. There is also a new zero-day vulnerability: <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28252\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28252<\/span><\/a><\/span><span class=\"s3\">.<\/span><span class=\"s1\"> This is under active exploitation, but it should be easy to deal with as it is addressed in Monthly Rollup, Security Updates or CUs. <\/span><\/p>\n<h2 class=\"p1\">Microsoft 365 Vulnerability Fixes and Click-to-Run<\/h2>\n<p class=\"p5\"><span class=\"s1\">Microsoft Office and M365 apps also received fixes for multiple vulnerabilities (<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28285\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28285<\/span><\/a>,\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28295\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28295<\/span><\/a>,\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28287\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28287<\/span><\/a>, and\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28311\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">CVE-2023-28311<\/span><\/a>), but depending on how you apply updates and patches the fixes may not be included in your regular patching routine. Make sure you review your patching tools and processes to ensure M365 Apps have a defined <a href=\"https:\/\/learn.microsoft.com\/en-us\/deployoffice\/updates\/overview-update-process-microsoft-365-apps\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">update process<\/span><\/a> in place. We have an automation item available in the <a href=\"https:\/\/me.n-able.com\/s\/global-search\/%40uri#t=AutomationCookbook&#038;sort=relevancy#sort=relevancy\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Automation Cookbook<\/span><\/a> for N&#8209;sight and N&#8209;central partners to use to update and check Microsoft 365 versions that leverages Microsoft\u2019s Click-to-Run executable included in all installs of M365 apps: <\/span><\/p>\n<ul>\n<li class=\"p6\"><span class=\"s5\"><a href=\"https:\/\/me.n-able.com\/s\/article\/Microsoft-365-Update-With-Version-Check-N&#8209;sight\" target=\"_blank\" rel=\"noopener\"><span class=\"s6\">Download Microsoft 365 Update with Version Check for N&#8209;sight<\/span><\/a><\/span><\/li>\n<li class=\"p6\"><span class=\"s5\"><a href=\"https:\/\/me.n-able.com\/s\/article\/Microsoft-365-Update-With-Version-Check-NC\" target=\"_blank\" rel=\"noopener\"><span class=\"s6\">Download Microsoft 365 Update with Version Check for N&#8209;central<\/span><\/a><\/span><\/li>\n<\/ul>\n<p class=\"p5\"><span class=\"s1\">Also, as a reminder <a href=\"https:\/\/www.n-able.com\/blog\/patch-tuesday-march-2023\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">March&#8217;s Microsoft Patch Tuesday<\/span><\/a> made updates to how DCOM servers handle authentication. If you deferred last month\u2019s updates until this month and you\u2019re seeing any network communication problems with legacy applications, it could be tied to <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">KB5004442<\/span><\/a> now forcing DCOM servers to use more robust authentication with no option to revert to less secure options.<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Microsoft adds new Windows LAPS<\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">A new integrated version of LAPS (Local Administrator Password Solution) was also part of this month\u2019s Microsoft Patch Tuesday release. LAPS allows you to secure the local administrator accounts on Windows domains and Azure AD joined devices. This is a valuable tool for any MSP that needs to secure local administrator accounts with rotating passwords managed by AD. If you\u2019re reading this and you don\u2019t know how your organization and clients secure local administrator accounts then you have some additional reading to do on LAPS. You can find out how it can significantly improve the resiliency of environments against the use of compromised credentials and session replays to make lateral movements within an environment, by reading this blog Microsoft has written to help <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/windows-it-pro-blog\/by-popular-demand-windows-laps-available-now\/ba-p\/3788747\">understand LAPS<\/a>.<\/span><\/p>\n<h2 class=\"p1\">Microsoft Patch Tuesday Vulnerability Prioritization<\/h2>\n<p class=\"p5\"><span class=\"s1\">As always, prioritizing which vulnerabilities to address first is part following established best practices and a little bit of gut instinct. Critical severity, exploitation more likely and exploitation detected vulnerabilities as always should be ranking fairly high on priority list. If you only patch based on severity you are leaving a lot of unnecessary risk exposure lying around. <\/span><\/p>\n<p class=\"p7\"><em><span class=\"s7\"><b>Table Key:\u00a0<\/b>Severity:\u00a0C = Critical, I = Important, M = Moderate;\u00a0Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected,\u00a0N\/A = Not Available<\/span><\/em><span class=\"s1\">\u00a0<\/span><\/p>\n<table cellspacing=\"0\" cellpadding=\"0\" class=\"t1\">\n<tbody>\n<tr>\n<td valign=\"top\" class=\"td1\" width=\"20%\">\n<p class=\"p8\"><strong><span class=\"s1\">CVE <\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\">\n<p class=\"p8\"><strong><span class=\"s1\">Description<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td3\" width=\"10%\">\n<p class=\"p8\" style=\"text-align: center\"><strong><span class=\"s1\">Severity<\/span><\/strong><\/p>\n<\/td>\n<td valign=\"top\" class=\"td4\" width=\"10%\">\n<p class=\"p8\" style=\"text-align: center\"><strong><span class=\"s1\">Status<\/span><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28252\" target=\"_blank\" rel=\"noopener\">CVE-2023-28252<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2013-3900\" target=\"_blank\" rel=\"noopener\">CVE-2013-3900<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">WinVerifyTrust Signature Validation Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">ED<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28291\" target=\"_blank\" rel=\"noopener\">CVE-2023-28291<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Raw Image Extension Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28250\" target=\"_blank\" rel=\"noopener\">CVE-2023-28250<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28232\" target=\"_blank\" rel=\"noopener\">CVE-2023-28232<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28274\" target=\"_blank\" rel=\"noopener\">CVE-2023-28274<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Win32k Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28266\" target=\"_blank\" rel=\"noopener\">CVE-2023-28266<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Common Log File System Driver Information Disclosure Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28231\" target=\"_blank\" rel=\"noopener\">CVE-2023-28231<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">DHCP Server Service Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28227\" target=\"_blank\" rel=\"noopener\">CVE-2023-28227<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Bluetooth Driver Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28220\" target=\"_blank\" rel=\"noopener\">CVE-2023-28220<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28219\" target=\"_blank\" rel=\"noopener\">CVE-2023-28219<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Layer 2 Tunneling Protocol Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-28218\" target=\"_blank\" rel=\"noopener\">CVE-2023-28218<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24912\" target=\"_blank\" rel=\"noopener\">CVE-2023-24912<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21554\" target=\"_blank\" rel=\"noopener\">CVE-2023-21554<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Microsoft Message Queuing Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-38023\" target=\"_blank\" rel=\"noopener\">CVE-2022-38023<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Netlogon RPC Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-26923\" target=\"_blank\" rel=\"noopener\">CVE-2022-26923<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Active Directory Domain Services Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">C<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">EML<\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\" class=\"td5\">\n<p class=\"p9\"><span class=\"s8\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-43552\" target=\"_blank\" rel=\"noopener\">CVE-2022-43552<\/a><\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td6\">\n<p class=\"p10\"><span class=\"s1\">Open Source Curl Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td7\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">I<\/span><\/p>\n<\/td>\n<td valign=\"top\" class=\"td8\">\n<p class=\"p10\" style=\"text-align: center\"><span class=\"s1\">N\/A<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p class=\"p5\"><span class=\"s1\">\u00a0<\/span><\/p>\n<h2 class=\"p4\"><span class=\"s1\">Summary<\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">As always make sure you have established patching processes for evaluation, testing and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity consider including prioritization of patches for Zero-Days, Exploitation Detected, and Exploitation More Likely vulnerabilities in your <a href=\"https:\/\/www.n-able.com\/features\/windows-patch-management\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\">Patch Management<\/span><\/a> routines. <\/span><\/p>\n<p class=\"p11\"><span class=\"s1\"><b>Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Reviews, then check out\u00a0<\/b><a href=\"https:\/\/www.n-able.com\/blog\/patch-management?filter_products=all#filtered\" target=\"_blank\" rel=\"noopener\"><span class=\"s9\"><b>this section of our blog<\/b><\/span><\/a><b>.<\/b>\u00a0<\/span><\/p>\n<p class=\"p11\"><span class=\"s1\">Lewis Pope is the Head Security Nerd at N&#8209;able. You can follow him on Twitter:\u00a0<a href=\"https:\/\/twitter.com\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s9\">@cybersec_nerd<\/span><\/a><\/span><\/p>\n<p class=\"p12\"><span class=\"s10\">LinkedIn:\u00a0<a href=\"https:\/\/www.linkedin.com\/in\/thesecuritypope\" target=\"_blank\" rel=\"noopener\"><span class=\"s11\">thesecuritypope<\/span><\/a><\/span><\/p>\n<p class=\"p12\"><span class=\"s10\">Twitch:\u00a0<a href=\"https:\/\/www.twitch.tv\/cybersec_nerd\" target=\"_blank\" rel=\"noopener\"><span class=\"s11\">cybersec_nerd<\/span><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This month\u2019s Microsoft Patch Tuesday sees 103 vulnerabilities receiving fixes with one new zero-day, plus there\u2019s a new integrated version of Windows LAPS. Lewis Pope investigates.<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-44910","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able<\/title>\n<meta name=\"description\" content=\"April&#039;s Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able\" \/>\n<meta property=\"og:description\" content=\"April&#039;s Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-12T10:41:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-17T09:28:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-01.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-01.png\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0\",\"datePublished\":\"2023-04-12T11:41:48+01:00\",\"dateModified\":\"2023-04-17T09:28:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\"},\"wordCount\":895,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\",\"url\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\",\"name\":\"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#website\"},\"datePublished\":\"2023-04-12T11:41:48+01:00\",\"dateModified\":\"2023-04-17T09:28:52+00:00\",\"description\":\"April's Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/it\/blog\/category\/head-nerds-it\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/it\/#website\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/it\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able","description":"April's Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023","og_locale":"it_IT","og_type":"article","og_title":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able","og_description":"April's Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.","og_url":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2023-04-12T10:41:48+00:00","article_modified_time":"2023-04-17T09:28:52+00:00","og_image":[{"width":2500,"height":1309,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-01.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-01.png","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Scritto da":"Lewis Pope","Tempo di lettura stimato":"4 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0","datePublished":"2023-04-12T11:41:48+01:00","dateModified":"2023-04-17T09:28:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023"},"wordCount":895,"publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"it-IT"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023","url":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023","name":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0 - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/#website"},"datePublished":"2023-04-12T11:41:48+01:00","dateModified":"2023-04-17T09:28:52+00:00","description":"April's Microsoft Patch Tuesday includes 103 vulnerability fixes with one new zero-day, plus the new integrated Windows LAPS. Read more.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/it\/blog\/patch-tuesday-april-2023#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/it\/blog\/category\/head-nerds-it"},{"@type":"ListItem","position":2,"name":"Patch Tuesday April 2023: Microsoft Local Administrator Password Solution and M365 Apps Manual Updates \u00a0\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/it\/#website","url":"https:\/\/www.n-able.com\/it\/","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/it\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/it\/#organization","name":"N-able","url":"https:\/\/www.n-able.com\/it\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/44910","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/comments?post=44910"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/44910\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/media?parent=44910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}