Выпустил блогопост и видяшку по апрельскому Micorosoft Patch Tuesday Vulristics для англоязычного канала и блога. По сравнению с первыми впечатлениями добавились Microsoft Word RCE (CVE-2023–28311) с эксплоитом и Windows Pragmatic General Multicast (PGM) RCE (CVE-2023–28250) похожая на QueueJumper RCE в MSMQ. Также добавил много RCE в Windows DNS Server, но что-то определенное по ним сказать сложно.
Critical
00:50 Elevation of Privilege — Windows Common Log File System Driver (CVE-2023–28252)
01:44 Remote Code Execution — Microsoft Word (CVE-2023–28311)
Other
02:18 Remote Code Execution — Microsoft Message Queuing (CVE-2023–21554) (QueueJumper)
03:17 Remote Code Execution — Windows Pragmatic General Multicast (PGM) (CVE-2023–28250)
04:05 Lots of CVEs Remote Code Execution – Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023–24884, CVE-2023–24885, CVE-2023–24886, CVE-2023–24887, CVE-2023–24924, CVE-2023–24925, CVE-2023–24926, CVE-2023–24927, CVE-2023–24928, CVE-2023–24929, CVE-2023–28243)
04:24 Lots of CVEs Remote Code Execution – Windows DNS Server (CVE-2023–28254, CVE-2023–28255, CVE-2023–28256, CVE-2023–28278, CVE-2023–28305, CVE-2023–28306, CVE-2023–28307, CVE-2023–28308)
04:32 Remote Code Execution — DHCP Server Service (CVE-2023–28231)
Video: https://youtu.be/aLt5k18jOwY
Video2 (for Russia): https://vk.com/video-149273431_456239123
Blogpost: https://avleonov.com/2023/04/28/microsoft-patch-tuesday-april-2023-clfs-eop-word-rce-msmq-queuejumper-rce-pcl6-dns-dhcp/
Vulristics report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_april2023_report_with_comments_ext_img.html