Microsoft March 2023 Patch Tuesday
This month we got patches for 76 vulnerabilities. Of these, 9 are critical and 2 are already being exploited, according to Microsoft.
One of the exploited vulnerabilities is an elevation of privilege affecting Microsoft Outlook (CVE-2023-23397). According to the advisory, an attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user. The attacker could exploit this vulnerability by sending a specially crafted email that triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. The CVSS for this vulnerability is 9.8.
The second exploit vulnerability is a security feature bypass affecting Windows SmartScreen (CVE-2023-24880). According to the advisory, an attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. The CVSS for this vulnerability is 5.4.
There is another critical vulnerability worth mentioning which is Remote Code Execution (RCE) affecting HTTP Protocol Stack (CVE-2023-23392). A prerequisite for a server to be vulnerable is that the binding has HTTP/3 enabled and the server uses buffered I/O. HTTP/3 support for services is a new feature of Windows Server 2022. This vulnerability requires no user interaction, no privileges, and the attack complexity is low. The CVSS for this vulnerability is 9.8.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
March 2023 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Azure Apache AmbariSpoofing Vulnerability | |||||||
CVE-2023-23408 | No | No | - | - | Important | 4.5 | 3.9 |
CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability | |||||||
CVE-2023-1017 | No | No | - | - | Critical | 8.8 | 7.7 |
CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability | |||||||
CVE-2023-1018 | No | No | - | - | Critical | 8.8 | 7.7 |
Chromium: CVE-2023-1213 Use after free in Swiftshader | |||||||
CVE-2023-1213 | No | No | - | - | - | ||
Chromium: CVE-2023-1214 Type Confusion in V8 | |||||||
CVE-2023-1214 | No | No | - | - | - | ||
Chromium: CVE-2023-1215 Type Confusion in CSS | |||||||
CVE-2023-1215 | No | No | - | - | - | ||
Chromium: CVE-2023-1216 Use after free in DevTools | |||||||
CVE-2023-1216 | No | No | - | - | - | ||
Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting | |||||||
CVE-2023-1217 | No | No | - | - | - | ||
Chromium: CVE-2023-1218 Use after free in WebRTC | |||||||
CVE-2023-1218 | No | No | - | - | - | ||
Chromium: CVE-2023-1219 Heap buffer overflow in Metrics | |||||||
CVE-2023-1219 | No | No | - | - | - | ||
Chromium: CVE-2023-1220 Heap buffer overflow in UMA | |||||||
CVE-2023-1220 | No | No | - | - | - | ||
Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API | |||||||
CVE-2023-1221 | No | No | - | - | - | ||
Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API | |||||||
CVE-2023-1222 | No | No | - | - | - | ||
Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill | |||||||
CVE-2023-1223 | No | No | - | - | - | ||
Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API | |||||||
CVE-2023-1224 | No | No | - | - | - | ||
Chromium: CVE-2023-1228 Insufficient policy enforcement in Intents | |||||||
CVE-2023-1228 | No | No | - | - | - | ||
Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts | |||||||
CVE-2023-1229 | No | No | - | - | - | ||
Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs | |||||||
CVE-2023-1230 | No | No | - | - | - | ||
Chromium: CVE-2023-1231 Inappropriate implementation in Autofill | |||||||
CVE-2023-1231 | No | No | - | - | - | ||
Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource Timing | |||||||
CVE-2023-1232 | No | No | - | - | - | ||
Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource Timing | |||||||
CVE-2023-1233 | No | No | - | - | - | ||
Chromium: CVE-2023-1234 Inappropriate implementation in Intents | |||||||
CVE-2023-1234 | No | No | - | - | - | ||
Chromium: CVE-2023-1235 Type Confusion in DevTools | |||||||
CVE-2023-1235 | No | No | - | - | - | ||
Chromium: CVE-2023-1236 Inappropriate implementation in Internals | |||||||
CVE-2023-1236 | No | No | - | - | - | ||
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability | |||||||
CVE-2023-23394 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-23409 | No | No | - | - | Important | 5.5 | 4.8 |
GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability | |||||||
CVE-2023-22490 | No | No | - | - | Important | ||
GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2023-22743 | No | No | - | - | Important | ||
GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability | |||||||
CVE-2023-23618 | No | No | - | - | Important | ||
GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability | |||||||
CVE-2023-23946 | No | No | - | - | Important | ||
HTTP Protocol Stack Remote Code Execution Vulnerability | |||||||
CVE-2023-23392 | No | No | - | - | Critical | 9.8 | 8.5 |
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability | |||||||
CVE-2023-23415 | No | No | - | - | Critical | 9.8 | 8.5 |
Microsoft Defender Elevation of Privilege Vulnerability | |||||||
CVE-2023-23389 | No | No | - | - | Important | 6.3 | 5.5 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
CVE-2023-24919 | No | No | - | - | Important | 5.4 | 4.7 |
CVE-2023-24879 | No | No | - | - | Important | 5.4 | 4.7 |
CVE-2023-24920 | No | No | - | - | Important | 5.4 | 4.7 |
CVE-2023-24921 | No | No | - | - | Important | 4.1 | 3.6 |
CVE-2023-24891 | No | No | - | - | Important | 5.4 | 4.7 |
Microsoft Dynamics 365 Information Disclosure Vulnerability | |||||||
CVE-2023-24922 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | |||||||
CVE-2023-24892 | No | No | - | - | Important | 7.1 | 6.2 |
Microsoft Excel Denial of Service Vulnerability | |||||||
CVE-2023-23396 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2023-23399 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft Excel Spoofing Vulnerability | |||||||
CVE-2023-23398 | No | No | - | - | Important | 7.1 | 6.2 |
Microsoft OneDrive for Android Information Disclosure Vulnerability | |||||||
CVE-2023-24923 | No | No | - | - | Important | 5.5 | 4.8 |
CVE-2023-24882 | No | No | - | - | Important | 5.5 | 4.8 |
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability | |||||||
CVE-2023-24930 | No | No | - | - | Important | 7.8 | 6.8 |
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability | |||||||
CVE-2023-24890 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft Outlook Elevation of Privilege Vulnerability | |||||||
CVE-2023-23397 | No | Yes | - | - | Critical | 9.8 | 9.1 |
Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-24864 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | |||||||
CVE-2023-24856 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-24857 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2023-24858 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2023-24863 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2023-24865 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2023-24866 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-24906 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-24870 | No | No | - | - | Important | 6.5 | 5.7 |
CVE-2023-24911 | No | No | - | - | Important | 6.5 | 5.7 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | |||||||
CVE-2023-23403 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2023-23406 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-23413 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24867 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24907 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24868 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24909 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24872 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24913 | No | No | - | - | Important | 8.8 | 7.7 |
CVE-2023-24876 | No | No | More Likely | Less Likely | Important | 8.8 | 7.7 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2023-23395 | No | No | - | - | Important | 3.1 | 2.7 |
Office for Android Spoofing Vulnerability | |||||||
CVE-2023-23391 | No | No | - | - | Important | 5.5 | 4.8 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||||
CVE-2023-21708 | No | No | - | - | Critical | 9.8 | 8.5 |
CVE-2023-23405 | No | No | - | - | Important | 8.1 | 7.1 |
CVE-2023-24908 | No | No | - | - | Important | 8.1 | 7.1 |
CVE-2023-24869 | No | No | - | - | Important | 8.1 | 7.1 |
Service Fabric Explorer Spoofing Vulnerability | |||||||
CVE-2023-23383 | No | No | - | - | Important | 8.2 | 7.1 |
Windows Accounts Picture Elevation of Privilege Vulnerability | |||||||
CVE-2023-23412 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-23388 | No | No | - | - | Important | 8.8 | 7.7 |
Windows Bluetooth Service Remote Code Execution Vulnerability | |||||||
CVE-2023-24871 | No | No | - | - | Important | 8.8 | 7.7 |
Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability | |||||||
CVE-2023-23393 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Cryptographic Services Remote Code Execution Vulnerability | |||||||
CVE-2023-23416 | No | No | - | - | Critical | 8.4 | 7.3 |
Windows DNS Server Remote Code Execution Vulnerability | |||||||
CVE-2023-23400 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||||
CVE-2023-24861 | No | No | - | - | Important | 7.0 | 6.1 |
CVE-2023-24910 | No | No | - | - | Important | 7.8 | 6.8 |
Windows HTTP.sys Elevation of Privilege Vulnerability | |||||||
CVE-2023-23410 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2023-23411 | No | No | - | - | Critical | 6.5 | 5.7 |
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||||||
CVE-2023-24859 | No | No | - | - | Important | 7.5 | 6.5 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2023-23420 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23421 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23422 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23423 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Media Remote Code Execution Vulnerability | |||||||
CVE-2023-23401 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23402 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||||
CVE-2023-23417 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability | |||||||
CVE-2023-23385 | No | No | - | - | Important | 7.0 | 6.1 |
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | |||||||
CVE-2023-23407 | No | No | - | - | Important | 7.1 | 6.2 |
CVE-2023-23414 | No | No | - | - | Important | 7.1 | 6.2 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||||
CVE-2023-23404 | No | No | - | - | Critical | 8.1 | 7.1 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | |||||||
CVE-2023-23418 | No | No | - | - | Important | 7.8 | 6.8 |
CVE-2023-23419 | No | No | - | - | Important | 7.8 | 6.8 |
Windows Secure Channel Denial of Service Vulnerability | |||||||
CVE-2023-24862 | No | No | - | - | Important | 5.5 | 4.8 |
Windows SmartScreen Security Feature Bypass Vulnerability | |||||||
CVE-2023-24880 | Yes | Yes | - | - | Moderate | 5.4 | 5.0 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Comments
Anonymous
Mar 15th 2023
1 year ago
Check here for more details https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2023-exchange-server-security-updates/ba-p/3764224
Dimitris
Mar 15th 2023
1 year ago
We applied the cumulative update and it did not address the exploited M365\Outlook vulnerability. We are using M365 Apps for Enterprise. We've only been able to MANUALLY update office, and the settings in admin center says the updates happen automatically, but how can we FORCE/PUSH the update to the clients???
Anonymous
Mar 16th 2023
1 year ago
Office 365 does automatically update its self but given the severaity of this update I have spent the past 2 days chasing my users to confirm eeryone is up to date.
PW
Mar 17th 2023
1 year ago
Renato
Apr 11th 2023
1 year ago