March, 2023: Patch Tuesday - Two Zero Days, Nine Critical Updates

Welcome to my March Patch Tuesday newsletter. This month Microsoft released updates for 109 vulnerabilties. You will be happy to know that only 9 of those are rated critical. Of these 9, I have to bring attention to the 2 zero-days for this month. CVE-2023-24880 is not only public but is currently being exploited. This vulnerabilitiy exploits Mark of the Web (MOTW) and Windows SmartScreen. If an attacker successfully takes advantage of this exploit then Windows SmartScreen protection could be bypassed resulting in malicious files being opened in Office products, for example. The other zero-day, CVE-2023-23397, is also related to an Office exploit that could allow a specially crafted email to run an elevation of privilege exploit BEFORE the email is viewed in the Preview Pane. So I recommend that you get this patches ASAP.

Besides the 2 zero-days mentioned above, it's a fairly light month.

Patch data provided by:

LOGbinder.com

Technology

Products Affected

Severity

Reference

Workaround/ Exploited / Publicly Disclosed

Vulnerability Info

Windows

Windows 8.1, RT 8.1, 10, 11

Server 2008 SP2, 2008R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations

Critical

CVE-2023-1017
CVE-2023-1018
CVE-2023-21708
CVE-2023-23385
CVE-2023-23388
CVE-2023-23392
CVE-2023-23393
CVE-2023-23394
CVE-2023-23400
CVE-2023-23401
CVE-2023-23402
CVE-2023-23403
CVE-2023-23404
CVE-2023-23405
CVE-2023-23406
CVE-2023-23407
CVE-2023-23409
CVE-2023-23410
CVE-2023-23411
CVE-2023-23412
CVE-2023-23413
CVE-2023-23414
CVE-2023-23415
CVE-2023-23416
CVE-2023-23417
CVE-2023-23418
CVE-2023-23419
CVE-2023-23420
CVE-2023-23421
CVE-2023-23422
CVE-2023-23423
CVE-2023-24856
CVE-2023-24857
CVE-2023-24858
CVE-2023-24859
CVE-2023-24861
CVE-2023-24862
CVE-2023-24863
CVE-2023-24864
CVE-2023-24865
CVE-2023-24866
CVE-2023-24867
CVE-2023-24868
CVE-2023-24869
CVE-2023-24870
CVE-2023-24871
CVE-2023-24872
CVE-2023-24876
CVE-2023-24880**
CVE-2023-24906
CVE-2023-24907
CVE-2023-24908
CVE-2023-24909
CVE-2023-24910
CVE-2023-24911
CVE-2023-24913

Workaround: No
Exploited: Yes*
Public: Yes**

Denial of Service

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Edge

Chromium-based

Important

CVE-2023-0927
CVE-2023-0928
CVE-2023-0929
CVE-2023-0930
CVE-2023-0931
CVE-2023-0932
CVE-2023-0933
CVE-2023-0941
CVE-2023-1213
CVE-2023-1214
CVE-2023-1215
CVE-2023-1216
CVE-2023-1217
CVE-2023-1218
CVE-2023-1219
CVE-2023-1220
CVE-2023-1221
CVE-2023-1222
CVE-2023-1223
CVE-2023-1224
CVE-2023-1228
CVE-2023-1229
CVE-2023-1230
CVE-2023-1231
CVE-2023-1232
CVE-2023-1233
CVE-2023-1234
CVE-2023-1235
CVE-2023-1236
CVE-2023-24892

Workaround: No
Exploited: No
Public: No

Spoofing

Office

365 Apps for Enterprise

Office 2013 RT SP1, 2013 SP1, 2016, 2019, LTSC 2021

2019 for Mac, LTSC Mac 2021

Office for Android and Universal

Online Server

Web Apps Server 2013 SP1

OneDrive for Android, iOS and MacOS Installer

Excel/Outlook 2013 RT SP1, 2013 SP1, 2016

Critical

CVE-2023-23391
CVE-2023-23396
CVE-2023-23397*
CVE-2023-23398
CVE-2023-23399
CVE-2023-24882
CVE-2023-24890
CVE-2023-24910
CVE-2023-24923
CVE-2023-24930

Workaround: No
Exploited: Yes*
Public: No

Denial of Service

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

SharePoint

Enterprise Server 2013 SP1, 2016

Foundation 2013 SP1

Server 2019

Server Subscription Edition

Important

CVE-2023-23395

Workaround: No
Exploited: No
Public: No

Spoofing

Azure

Service Fabric 9.1 for Ubuntu and Windows

HDInsights

Important

CVE-2023-23383
CVE-2023-23408

Workaround: No
Exploited: No
Public: No

Spoofing

Visual Studio

2017 15.9 and earlier

2019 16.11 and earlier

2022 17.5, 17.4, 17.2, 17.0

Important

CVE-2023-22490
CVE-2023-22743
CVE-2023-23618
CVE-2023-23946

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

System Center

Malware Protection Engine

Important

CVE-2023-23389

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Dynamics 365

On-Prem 9.0, 9.1

Important

CVE-2023-24879
CVE-2023-24891
CVE-2023-24919
CVE-2023-24920
CVE-2023-24921
CVE-2023-24922

Workaround: No
Exploited: No
Public: No

Spoofing

Information Disclosure