back to article Microsoft delivers 75-count box of patches for Valentine's Day

Happy Patch Tuesday for February, 2023, which falls on Valentine's Day. Microsoft is showering love, maybe, on IT teams with some 75 security patches, nine of which are rated "critical" and 66 "important," and three of which Redmond says are under active exploitation. Interestingly enough, the trio being taken advantage of …

  1. razorfishsl

    Yep... just like they screwed over virtually Evey SYS admin.. a few months ago..

    by preventing Computers from re-registering into AD using the SAME computer account.

    so if you have machine "A", there are situations where it will not be allowed to register back into the AD if it disconnects...

    they shout "Security fix" and "hardening"


    so if it is "security hardening" , why is it only CLIENT side & not AD side?

    What a crock of shit.... a "Security fix that any hacker can bypass locally on the machine... and no i'm not talking about the registry bypass.

    They are deliberately throwing rocks in the road, to force people onto Azure... and off inhouse authentication.

  2. Lil Endian Silver badge

    It's a good idea to install those patches

    Chances of hack: 9.8 CVSS ratings

    Chances of M$ fucking you up: 10.0 based on Patch Tuesdays over the past months

    It's not a good idea to install those patches until someone else has tested them. Hey, it's not your money, right?

  3. ComputerSays_noAbsolutelyNo Silver badge

    RTF WTF?!

    Who uses RTF documents nowadays? Only a minority I hope.

    Can we have a switch somewhere in the Azurian Jungles of Settings and Preferences to opt-out of RTF alltogether.

    If my org doesn't use RTF, why does it need to suffer the RTF attack surface?

    1. Snake Silver badge

      Re: RTF WTF?!

      You suffer RTF patches because some BOFH will certainly try to open that RTF attachment from that wealthy Nigerian prince. It's almost a guarantee.

      1. Anonymous Coward
        Anonymous Coward

        Re: RTF WTF?!

        I think it's RTF because that format does not offer any option yet to embed a malicious payload.

        No doubt Microsoft is already working hard on corrupting correcting the standard so it can.

  4. david 12 Silver badge

    Protected Extensible Authentication Protocol

    I don't know whats going on here. Microsoft says that PEAP is best practice for NPS. So either most people are just using password-login for remote access, or perhaps just not using Microsoft for remote access and Radius. I'm not aware that it's a case of not using it "anymore".

    1. Michael Wojcik Silver badge

      Re: Protected Extensible Authentication Protocol

      Yeah, ZDI doesn't provide any support for that "it doesn’t appear this protocol is used much anymore", and not that long ago it was very common – one of the most commonly used EAP variants. Cisco used it widely, for example, and AIUI it's supported by a lot of WiFi WPA/WPA2 implementations. While in theory PEAP is superseded by more recent EAP-over-TLS variants such as EAP-TTLS, I would not blithely assume no one's using it any more.

      Also, with several vulnerabilities in Microsoft's implementation, the question is not "are you using it?" but "is it an available part of your attack surface?".

      Unless you're sure you're blocking it (both at the perimeter and within the network – it looks like a good hook for an attacker who's penetrated the network to pivot and escalate), I'd say you should be prioritizing those updates. Along with the other Criticals and Highs.

      And, yes, MS updates have often broken things. Well, that's the price you pay.

  5. AnotherName

    Strange silence...

    Either no-one dares to try it, or they have and are fighting to regain control of the computers leaving no time to post here?

    It seems unlikely that it was fine.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like