Skip to main content

The March 2023 Patch Tuesday report is out, and it’s packed with important security updates. Microsoft released 80 fixes, 9 of which are rated as critical. This month’s Patch Tuesday is important for IT professionals and system administrators, as it includes two zero-day vulnerabilities and 83 flaws that need to be addressed.

These vulnerabilities could potentially allow attackers to gain unauthorized access to sensitive information, execute malicious code, or cause a denial-of-service condition. It is recommended that users apply these updates as soon as possible to avoid potential exploitation.

In this blog post, we’ll discuss the latest March 2023 Patch Tuesday report from Microsoft and the most important updates. We’ll also provide some tips on how to make sure your systems are up-to-date with the latest security patches.

So let’s dive in and take a closer look at what this month’s Patch Tuesday has to offer!

Microsoft Patch Tuesday March 2023 Report Summary:

Microsoft released the March 2023 Patch Tuesday on 14th March. Let’s see the summary of the report:

  • Microsoft’s March 2023 Patch Tuesday release was a big one, with 80 vulnerabilities across the company’s hardware and software line. Of these, 9 were rated as critical, 70 as important, and 1 as moderate.
  • The most notable of these vulnerabilities included two zero-day flaws that were actively being exploited in Outlook and SmartScreen. Microsoft also released an update for Windows 8.1 users to remind them that the operating system had reached end of support on January 10th, 2023.
  • The March 2023 update includes fixes for two zero-day vulnerabilities, which are actively being exploited in the wild.
  • Out of 9 Critical vulnerabilities, 5 are Remote Code Executi vulnerabilities, 3 are Privilege Escalation, and one is Denial of Service.
  • The products covered in the March security update include Microsoft Windows, Office, Azure, Microsoft System Center, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Visual Studio, Microsoft Edge, and many Developer Tools.
  •  The update also includes non-security updates for Windows 10: Windows 11 KB5023706 and KB5023698 cumulative updates and Windows 10 KB5023696 and KB5023697 updates.

Vulnerabilities by Category:

Here’s a table showing the number of bugs in each vulnerability category:

Vulnerability Category Number of Bugs
Remote Code Execution 27
Elevation of Privilege 21
Information Disclosure 15
Spoofing 10
Denial of Service 4
Security Feature Bypass 2
Edge – Chromium Vulnerability 1

The table provides information about the number of bugs in different categories of vulnerabilities. It shows that there are 21 Elevation of Privilege vulnerabilities, 2 Security Feature Bypass vulnerabilities, 27 Remote Code Execution vulnerabilities, 15 Information Disclosure vulnerabilities, 4 Denial of Service vulnerabilities, 10 Spoofing vulnerabilities, and 1 Edge-Chromium vulnerability.

List of Zero-Day Vulnerabilities Patched in March 2023 Patch Tuesday:

The term “zero-day” refers to the fact that developers have zero days to fix the issue before attackers can take advantage of it. These are considered the most dangerous since they are set to exploit before patches are released. Microsoft announced that it had fixed two zero-day vulnerabilities being exploited in the wild.

 

See Also Detailed Procedure To Set Up Your Own WordPress Hosting Platform On Ubuntu Or Debian Platform!

CVE ID Vulnerable Product/Application Vulnerability Type
CVE-2023-23397 Microsoft Outlook Elevation of Privilege
CVE-2023-24880 Windows SmartScreen Security Features Bypass

Microsoft Outlook Elevation of Privilege Vulnerability – CVE-2023-23397

If you are a Microsoft Outlook user, you need to be aware of a newly discovered vulnerability that can compromise your system. CVE-2023-23397 is an elevation of privilege vulnerability that allows attackers to access a user’s Net-NTLMv2 hash, which can be used to carry out an NTLM Relay attack against another service to authenticate as the user.

This vulnerability can be exploited by a low-complexity attack through specially crafted emails sent by attackers to connect the victim to an external attacker’s control UNC location. The email will be triggered automatically when retrieved and processed by the Outlook client, allowing the attacker to access the Net-NTLMv2 hash before the email is even viewed in the Preview Pane.

The consequences of this vulnerability can be severe, as it allows attackers to authenticate as the user and gain access to sensitive information. This can be a severe threat to individuals and organizations that use Outlook for their daily operations. Active exploitation of this vulnerability has been detected, and it is crucial to take immediate action to prevent any further damage.

Windows SmartScreen Security Feature Bypass Vulnerability – CVE-2023-24880

Another critical vulnerability that has been recently discovered is CVE-2023-24880, a Windows SmartScreen Security Feature Bypass Vulnerability. Microsoft has confirmed that this vulnerability is being actively exploited in the wild, and it is essential to take immediate action to prevent any further damage.

SmartScreen is a Windows security feature that helps protect users from downloading files from unreliable sources. When a user tries to download a file from the Internet, Windows adds a hidden tag called the Mark of the Web (MOTW) to the file. This feature restricts the capability and usage of files with the MOTW tag.

This vulnerability can be exploited by crafting a malicious file to bypass the Mark of the Web (MOTW) defenses. Attackers can use this vulnerability to bypass the SmartScreen feature and download malicious files to your system.

List of Critical Vulnerabilities Patched in March 2023 Patch Tuesday:

The severity of the identified vulnerabilities is measured in the CVSS score. CVSS is a scale measured from 0 to 10 where 0 is the least severe and 10 is the most severe Vulnerability. All the vulnerabilities are assigned a CVSS number between 0.0 to 10.10 depending on several factors, including the attack vector, the attack complexity, and the impact on confidentiality, integrity, and availability. The vulnerabilities assigned the CVSS score between 0 to 4 are labeled ‘Low’ severity. The vulnerabilities assigned the CVSS score between 4 to 7 are labeled ‘Medium’ severity. Similarly, the vulnerabilities assigned a CVSS score between 7 to 8 are labeled ‘High’ severity, and the CVSS score between 9 to 10 is ‘Critical’ in severity.

The below table lists the vulnerabilities considered Critical in severity.

CVE ID CVE Title
CVE-2023-23415 Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
CVE-2023-23397 Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2023-23404 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-23411 Windows Hyper-V Denial of Service Vulnerability
CVE-2023-23416 Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2023-23392 HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2023-21708 Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-1017 CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-1018 CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability

Complete List of Vulnerabilities Patched in March 2023 Patch Tuesday Are: 

You can download the complete list of the patched vulnerabilities from the official Microsoft security updates sheet from here

 

See Also What Are Google Ads? How Threat Actors Abuse Google Ads? Tips to Spot Fake Google Ads And How You Should Protect Yourselves From Fake Google Ads?

CVE ID Severity CVE Title Tag
CVE-2023-23408 Important Azure Apache Ambari Spoofing Vulnerability Azure
CVE-2023-23409 Important Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Client Server Run-time Subsystem (CSRSS)
CVE-2023-23394 Important Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Client Server Run-time Subsystem (CSRSS)
CVE-2023-23415 Critical Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability Internet Control Message Protocol (ICMP)
CVE-2023-0567 Unknown Unknown Mariner
CVE-2023-20052 Unknown Unknown Mariner
CVE-2023-20032 Unknown Unknown Mariner
CVE-2023-23388 Important Windows Bluetooth Driver Elevation of Privilege Vulnerability Microsoft Bluetooth Driver
CVE-2023-24920 Important Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics
CVE-2023-24879 Important Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics
CVE-2023-24919 Important Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics
CVE-2023-24891 Important Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics
CVE-2023-24922 Important Microsoft Dynamics 365 Information Disclosure Vulnerability Microsoft Dynamics
CVE-2023-24921 Important Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics
CVE-2023-1236 Unknown Chromium: CVE-2023-1236 Inappropriate implementation in Internals Microsoft Edge (Chromium-based)
CVE-2023-1235 Unknown Chromium: CVE-2023-1235 Type Confusion in DevTools Microsoft Edge (Chromium-based)
CVE-2023-1213 Unknown Chromium: CVE-2023-1213 Use after free in Swiftshader Microsoft Edge (Chromium-based)
CVE-2023-24892 Important Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability Microsoft Edge (Chromium-based)
CVE-2023-1234 Unknown Chromium: CVE-2023-1234 Inappropriate implementation in Intents Microsoft Edge (Chromium-based)
CVE-2023-1223 Unknown Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill Microsoft Edge (Chromium-based)
CVE-2023-1222 Unknown Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API Microsoft Edge (Chromium-based)
CVE-2023-1221 Unknown Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API Microsoft Edge (Chromium-based)
CVE-2023-1229 Unknown Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts Microsoft Edge (Chromium-based)
CVE-2023-1228 Unknown Chromium: CVE-2023-1228 Insufficient policy enforcement in Intents Microsoft Edge (Chromium-based)
CVE-2023-1224 Unknown Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API Microsoft Edge (Chromium-based)
CVE-2023-1220 Unknown Chromium: CVE-2023-1220 Heap buffer overflow in UMA Microsoft Edge (Chromium-based)
CVE-2023-1216 Unknown Chromium: CVE-2023-1216 Use after free in DevTools Microsoft Edge (Chromium-based)
CVE-2023-1215 Unknown Chromium: CVE-2023-1215 Type Confusion in CSS Microsoft Edge (Chromium-based)
CVE-2023-1214 Unknown Chromium: CVE-2023-1214  Type Confusion in V8 Microsoft Edge (Chromium-based)
CVE-2023-1219 Unknown Chromium: CVE-2023-1219 Heap buffer overflow in Metrics Microsoft Edge (Chromium-based)
CVE-2023-1218 Unknown Chromium: CVE-2023-1218 Use after free in WebRTC Microsoft Edge (Chromium-based)
CVE-2023-1217 Unknown Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting Microsoft Edge (Chromium-based)
CVE-2023-1230 Unknown Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs Microsoft Edge (Chromium-based)
CVE-2023-1232 Unknown Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource Timing Microsoft Edge (Chromium-based)
CVE-2023-1233 Unknown Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource Timing Microsoft Edge (Chromium-based)
CVE-2023-1231 Unknown Chromium: CVE-2023-1231 Inappropriate implementation in Autofill Microsoft Edge (Chromium-based)
CVE-2023-24910 Important Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component
CVE-2023-23398 Important Microsoft Excel Spoofing Vulnerability Microsoft Office Excel
CVE-2023-23396 Important Microsoft Excel Denial of Service Vulnerability Microsoft Office Excel
CVE-2023-23399 Important Microsoft Excel Remote Code Execution Vulnerability Microsoft Office Excel
CVE-2023-23397 Critical Microsoft Outlook Elevation of Privilege Vulnerability Microsoft Office Outlook
CVE-2023-23395 Important Microsoft SharePoint Server Spoofing Vulnerability Microsoft Office SharePoint
CVE-2023-24890 Important Microsoft OneDrive for iOS Security Feature Bypass Vulnerability Microsoft OneDrive
CVE-2023-24930 Important Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability Microsoft OneDrive
CVE-2023-24882 Important Microsoft OneDrive for Android Information Disclosure Vulnerability Microsoft OneDrive
CVE-2023-24923 Important Microsoft OneDrive for Android Information Disclosure Vulnerability Microsoft OneDrive
CVE-2023-24907 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24857 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24868 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24872 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24876 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24913 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24864 Important Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24866 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24906 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24867 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24863 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24858 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24911 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24870 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24909 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-23406 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-23413 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24856 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript Printer Driver
CVE-2023-24865 Important Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft Printer Drivers
CVE-2023-23403 Important Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft Printer Drivers
CVE-2023-23401 Important Windows Media Remote Code Execution Vulnerability Microsoft Windows Codecs Library
CVE-2023-23402 Important Windows Media Remote Code Execution Vulnerability Microsoft Windows Codecs Library
CVE-2023-23391 Important Office for Android Spoofing Vulnerability Office for Android
CVE-2023-23404 Critical Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Remote Access Service Point-to-Point Tunneling Protocol
CVE-2023-23400 Important Windows DNS Server Remote Code Execution Vulnerability Role: DNS Server
CVE-2023-23411 Critical Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V
CVE-2023-23383 Important Service Fabric Explorer Spoofing Vulnerability Service Fabric
CVE-2023-23618 Important GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability Visual Studio
CVE-2023-22743 Important GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability Visual Studio
CVE-2023-23946 Important GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability Visual Studio
CVE-2023-22490 Important GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability Visual Studio
CVE-2023-23412 Important Windows Accounts Picture Elevation of Privilege Vulnerability Windows Accounts Control
CVE-2023-24871 Important Windows Bluetooth Service Remote Code Execution Vulnerability Windows Bluetooth Service
CVE-2023-23393 Important Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability Windows Central Resource Manager
CVE-2023-23416 Critical Windows Cryptographic Services Remote Code Execution Vulnerability Windows Cryptographic Services
CVE-2023-23389 Important Microsoft Defender Elevation of Privilege Vulnerability Windows Defender
CVE-2023-23392 Critical HTTP Protocol Stack Remote Code Execution Vulnerability Windows HTTP Protocol Stack
CVE-2023-23410 Important Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys
CVE-2023-24859 Important Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows Internet Key Exchange (IKE) Protocol
CVE-2023-23420 Important Windows Kernel Elevation of Privilege Vulnerability Windows Kernel
CVE-2023-23422 Important Windows Kernel Elevation of Privilege Vulnerability Windows Kernel
CVE-2023-23421 Important Windows Kernel Elevation of Privilege Vulnerability Windows Kernel
CVE-2023-23423 Important Windows Kernel Elevation of Privilege Vulnerability Windows Kernel
CVE-2023-23417 Important Windows Partition Management Driver Elevation of Privilege Vulnerability Windows Partition Management Driver
CVE-2023-23407 Important Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-23385 Important Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-23414 Important Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-21708 Critical Remote Procedure Call Runtime Remote Code Execution Vulnerability Windows Remote Procedure Call
CVE-2023-23405 Important Remote Procedure Call Runtime Remote Code Execution Vulnerability Windows Remote Procedure Call Runtime
CVE-2023-24869 Important Remote Procedure Call Runtime Remote Code Execution Vulnerability Windows Remote Procedure Call Runtime
CVE-2023-24908 Important Remote Procedure Call Runtime Remote Code Execution Vulnerability Windows Remote Procedure Call Runtime
CVE-2023-23419 Important Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Windows Resilient File System (ReFS)
CVE-2023-23418 Important Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Windows Resilient File System (ReFS)
CVE-2023-24862 Important Windows Secure Channel Denial of Service Vulnerability Windows Secure Channel
CVE-2023-24880 Moderate Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen
CVE-2023-1017 Critical CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability Windows TPM
CVE-2023-1018 Critical CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability Windows TPM
CVE-2023-24861 Important Windows Graphics Component Elevation of Privilege Vulnerability Windows Win32K

Leave a Reply