Microsoft Releases March 2023 Security Updates

Scheduled updates for Microsoft products, including security updates for two zero-day vulnerabilities

Threat ID:: CC-4283
Threat Severity:: Medium
Published:: 15 March 2023 12:25 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products, including security updates for two zero-day vulnerabilities

Affected platforms

The following platforms are known to be affected:

Microsoft Outlook

Microsoft Defender Smartscreen

Microsoft Azure

Microsoft Office

Microsoft Office Sharepoint

The following platforms are also known to be affected:

Client Server Run-time Subsystem (CSRSS)
Internet Control Message Protocol (ICMP)
Microsoft Bluetooth Driver
Microsoft Dynamics
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Office Excel
Microsoft OneDrive
Microsoft PostScript Printer Driver
Microsoft Printer Drivers
Microsoft Windows Codecs Library
Office for Android
Remote Access Service Point-to-Point Tunneling Protocol
Role: DNS Server
Role: Windows Hyper-V
Service Fabric
Visual Studio
Windows Accounts Control
Windows Bluetooth Service
Windows Central Resource Manager
Windows Cryptographic Services
Windows Defender
Windows HTTP Protocol Stack
Windows HTTP.sys
Windows Internet Key Exchange (IKE) Protocol
Windows Kernel
Windows Partition Management Driver
Windows Point-to-Point Protocol over Ethernet (PPPoE)
Windows Remote Procedure Call
Windows Remote Procedure Call Runtime
Windows Resilient File System (ReFS)
Windows Secure Channel
Windows TPM
Windows Win32K

Threat details

Introduction

Microsoft has released updates to address 98 vulnerabilities across their products, with 9 of them rated as critical and 2 reported as zero-day vulnerabilities. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Exploitation in the wild

Microsoft has released updates for two zero-day vulnerabilities that have been added to CISA's Known Exploited Vulnerabilities Catalog.

The vulnerability referred to as CVE-2023-24880 is a security feature bypass vulnerability, affecting Windows Smartscreen.

In addition to this cyber alert, NHS England has a released high severity cyber alert CC-4282 addressing a privilege escalation vulnerability known as CVE-2023-23397, which affecting Microsoft Outlook, Microsoft Office, and Microsoft 365 Apps for Enterprise. Affected organisations are required to read Microsoft guidance and apply relevant patches.

Threat updates

Date	Update
30 Mar 2023	Microsoft pushes Out-Of-Bound security updates for Windows Snipping tool flaw Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix a privacy vulnerability. Tracked as CVE-2023-28303, the vulnerability is caused by image editors not properly removing cropped image data when overwriting the original file.

Remediation advice

Affected organisations are encouraged to review Microsoft’s March 2023 Security Update Summary and Deployment Information and apply the relevant updates.

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2023-23397

Microsoft Outlook Elevation of Privilege Vulnerability

Status Published

CVE-2023-24880

Windows SmartScreen Security Feature Bypass Vulnerability

Last edited: 30 March 2023 4:47 pm