You are currently viewing Microsoft March 2023 Patch Tuesday Fixes 80 Vulnerabilities Including 2 Critical Zero-Day Exploits!

Microsoft March 2023 Patch Tuesday Fixes 80 Vulnerabilities Including 2 Critical Zero-Day Exploits!

  • Post author:
  • Reading time:15 mins read

In March 2023 Patch Tuesday Releases, Microsoft addressed 80 CVEs, of which nine were rated as critical, including 2 Zero-day, 66 as important, and one as moderate. This count also includes two CVEs (CVE-2023-1017 and CVE-2023-1018 ) found in a third-party Trusted Platform Module (TPM2.0) Library. It is essential to use a vulnerability management tool often to check for vulnerabilities in your IT infrastructure.

This month’s Microsoft March 2023 Patch Tuesday security patches cover various products and versions, including Azure, Microsoft Edge (Chromium-based), Visual Studio, and various Windows components such as Windows Kernel, TPM, and Windows Win32K. The products affected include Microsoft Bluetooth Driver, Microsoft Graphics Component, and Office applications such as Excel, Outlook, and SharePoint. Additionally, vulnerabilities were identified in Windows services such as Windows Bluetooth Service, Windows Cryptographic Services, and Windows HTTP Protocol Stack, among others. Vulnerability Management Software can prevent such attacks from occurring.

Zero-day Vulnerabilities in Microsoft March 2023 Patch Tuesday

Microsoft March 2023 Patch Tuesday, fixed two zero-day vulnerabilities.

CVE-2023-23397 – Microsoft Outlook Elevation of Privilege Vulnerability could allow attackers to access the Net-NTLMv2 hash of a victim’s Windows account by sending a specially crafted email. The flaw, which is triggered automatically when the email is retrieved and processed by the email server, has been rated as critical by Microsoft. As a matter of fact, the company warned that STRONTIUM, a Russian state-sponsored hacking group, had already exploited the vulnerability to steal emails from targeted accounts. Nonetheless, CERT-UA, Microsoft Incident, and Microsoft Threat Intelligence reported the vulnerability.

CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability could be exploited to bypass the Windows Mark of the Web security warning. This vulnerability was a bypass to a previous zero-day, CVE-2022-44698, that was also exploited by Magniber and fixed by Microsoft in December. Although, it is found that the Magniber operation switched to using malformed authenticode signatures in MSI files to bypass the fix. Moreover, Microsoft says that the vulnerability was disclosed by researchers from Google’s Threat Analysis Group and Microsoft.

Critical Vulnerabilities Uncovered by Microsoft March 2023 Patch Tuesday

TagCVE NumberCVE TitleMax Severity
Microsoft DynamicsCVE-2022-41127 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution VulnerabilityCritical
Windows HTTP Protocol StackCVE-2023-23392 HTTP Protocol Stack Remote Code Execution VulnerabilityCritical
Microsoft Office OutlookCVE-2023-23397 Microsoft Outlook Elevation of Privilege VulnerabilityCritical
Windows Remote Procedure CallCVE-2023-21708 Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Remote Access Service Point-to-Point Tunneling ProtocolCVE-2023-23404 Windows Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Role: Windows Hyper-VCVE-2023-23411 Windows Hyper-V Denial of Service VulnerabilityCritical
Internet Control Message Protocol (ICMP)CVE-2023-23415 Internet Control Message Protocol (ICMP) Remote Code Execution VulnerabilityCritical
Windows Cryptographic ServicesCVE-2023-23416 Windows Cryptographic Services Remote Code Execution VulnerabilityCritical
Windows TPMCVE-2023-1017 CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege VulnerabilityCritical
Windows TPMCVE-2023-1018 CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege VulnerabilityCritical

Microsoft security bulletin summary for March 2023

This release includes security updates for the following products, features, and roles.

  • Azure
  • Internet Control Message Protocol (ICMP)
  • Microsoft Bluetooth Driver
  • Microsoft Graphics Component
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft OneDrive
  • Microsoft Printer Drivers
  • Microsoft Windows Codecs Library
  • Remote Access Service Point-to-Point Tunneling Protocol
  • Role: DNS Server
  • Role: Windows Hyper-V
  • Visual Studio
  • Windows Accounts Control
  • Windows Bluetooth Service
  • Windows Central Resource Manager
  • Windows Cryptographic Services
  • Windows Defender
  • Windows HTTP Protocol Stack
  • Windows Kernel
  • Windows Partition Management Driver
  • Windows Point-to-Point Protocol over Ethernet (PPPoE)
  • Windows Remote Procedure Call
  • Windows Remote Procedure Call Runtime
  • Windows Resilient File System (ReFS)
  • Windows Secure Channel
  • Windows SmartScreen
  • Windows TPM
  • Windows Win32K

Microsoft March 2023 Patch Tuesday affected products:

Product: Microsoft Windows.
CVEs/Advisory: CVE-2023-23392 , CVE-2023-1018 , CVE-2023-24911 , CVE-2023-24870 , CVE-2023-24880 , CVE-2023-24876 , CVE-2023-24908 , CVE-2023-24910 , CVE-2023-24909 , CVE-2023-24868 , CVE-2023-24872 , CVE-2023-23403 , CVE-2023-24871 , CVE-2023-24869 , CVE-2023-24907 , CVE-2023-1017 , CVE-2023-24913 , CVE-2023-24867 , CVE-2023-24906 , CVE-2023-24866 , CVE-2023-24865 , CVE-2023-24864 , CVE-2023-24863 , CVE-2023-24862 , CVE-2023-24861 , CVE-2023-24859 , CVE-2023-24858 , CVE-2023-24857 , CVE-2023-24856 , CVE-2023-23423 , CVE-2023-23422 , CVE-2023-23421 , CVE-2023-23420 , CVE-2023-23419 , CVE-2023-23418 , CVE-2023-23417 , CVE-2023-23416 , CVE-2023-23415 , CVE-2023-23414 , CVE-2023-23413 , CVE-2023-23412 , CVE-2023-23411 , CVE-2023-23410 , CVE-2023-23409 , CVE-2023-23407 , CVE-2023-23406 , CVE-2023-23405 , CVE-2023-23404 , CVE-2023-23402 , CVE-2023-23401 , CVE-2023-23400 , CVE-2023-23394 , CVE-2023-23393 , CVE-2023-23388 , CVE-2023-23385 , CVE-2023-21708
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KB’s: 5023696, 5023697, 5023698, 5023702, 5023705, 5023706, 5023713, 5023752, 5023754, 5023755, 5023756, 5023759, 5023764, 5023765, 5023769, 5023786

Product: Microsoft Office.
CVE/Advisory: CVE-2023-24910 , CVE-2023-23391 , CVE-2023-23397 , CVE-2023-23399 , CVE-2023-23398 , CVE-2023-23396
Impact: Elevation of Privilege, Spoofing, Remote Code Execution and then Denial of Service

These were the highlights of Microsoft March 2023 Patch Tuesday.

However, SanerNow VM and SanerNow PM can detect and automatically fix these vulnerabilities by applying security updates. Therefore, use SanerNow and keep your systems updated and secure.

Share this article