Microsoft March 2023 Patch Tuesday

Published: 2023-03-14
Last Updated: 2023-03-14 19:43:59 UTC
by Renato Marinho (Version: 1)
5 comment(s)

This month we got patches for 76 vulnerabilities. Of these, 9 are critical and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is an elevation of privilege affecting Microsoft Outlook (CVE-2023-23397). According to the advisory, an attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user. The attacker could exploit this vulnerability by sending a specially crafted email that triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. The CVSS for this vulnerability is 9.8.

The second exploit vulnerability is a security feature bypass affecting Windows SmartScreen (CVE-2023-24880). According to the advisory, an attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. The CVSS for this vulnerability is 5.4. 

There is another critical vulnerability worth mentioning which is Remote Code Execution (RCE) affecting HTTP Protocol Stack (CVE-2023-23392). A prerequisite for a server to be vulnerable is that the binding has HTTP/3 enabled and the server uses buffered I/O. HTTP/3 support for services is a new feature of Windows Server 2022. This vulnerability requires no user interaction, no privileges, and the attack complexity is low. The CVSS for this vulnerability is 9.8.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

March 2023 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Azure Apache AmbariSpoofing Vulnerability
CVE-2023-23408 No No - - Important 4.5 3.9
CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-1017 No No - - Critical 8.8 7.7
CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-1018 No No - - Critical 8.8 7.7
Chromium: CVE-2023-1213 Use after free in Swiftshader
CVE-2023-1213 No No - - -    
Chromium: CVE-2023-1214 Type Confusion in V8
CVE-2023-1214 No No - - -    
Chromium: CVE-2023-1215 Type Confusion in CSS
CVE-2023-1215 No No - - -    
Chromium: CVE-2023-1216 Use after free in DevTools
CVE-2023-1216 No No - - -    
Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting
CVE-2023-1217 No No - - -    
Chromium: CVE-2023-1218 Use after free in WebRTC
CVE-2023-1218 No No - - -    
Chromium: CVE-2023-1219 Heap buffer overflow in Metrics
CVE-2023-1219 No No - - -    
Chromium: CVE-2023-1220 Heap buffer overflow in UMA
CVE-2023-1220 No No - - -    
Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API
CVE-2023-1221 No No - - -    
Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API
CVE-2023-1222 No No - - -    
Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill
CVE-2023-1223 No No - - -    
Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API
CVE-2023-1224 No No - - -    
Chromium: CVE-2023-1228 Insufficient policy enforcement in Intents
CVE-2023-1228 No No - - -    
Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts
CVE-2023-1229 No No - - -    
Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs
CVE-2023-1230 No No - - -    
Chromium: CVE-2023-1231 Inappropriate implementation in Autofill
CVE-2023-1231 No No - - -    
Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource Timing
CVE-2023-1232 No No - - -    
Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource Timing
CVE-2023-1233 No No - - -    
Chromium: CVE-2023-1234 Inappropriate implementation in Intents
CVE-2023-1234 No No - - -    
Chromium: CVE-2023-1235 Type Confusion in DevTools
CVE-2023-1235 No No - - -    
Chromium: CVE-2023-1236 Inappropriate implementation in Internals
CVE-2023-1236 No No - - -    
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
CVE-2023-23394 No No - - Important 5.5 4.8
CVE-2023-23409 No No - - Important 5.5 4.8
GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
CVE-2023-22490 No No - - Important    
GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability
CVE-2023-22743 No No - - Important    
GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability
CVE-2023-23618 No No - - Important    
GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability
CVE-2023-23946 No No - - Important    
HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2023-23392 No No - - Critical 9.8 8.5
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
CVE-2023-23415 No No - - Critical 9.8 8.5
Microsoft Defender Elevation of Privilege Vulnerability
CVE-2023-23389 No No - - Important 6.3 5.5
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24919 No No - - Important 5.4 4.7
CVE-2023-24879 No No - - Important 5.4 4.7
CVE-2023-24920 No No - - Important 5.4 4.7
CVE-2023-24921 No No - - Important 4.1 3.6
CVE-2023-24891 No No - - Important 5.4 4.7
Microsoft Dynamics 365 Information Disclosure Vulnerability
CVE-2023-24922 No No - - Important 6.5 5.7
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2023-24892 No No - - Important 7.1 6.2
Microsoft Excel Denial of Service Vulnerability
CVE-2023-23396 No No - - Important 6.5 5.7
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-23399 No No - - Important 7.8 6.8
Microsoft Excel Spoofing Vulnerability
CVE-2023-23398 No No - - Important 7.1 6.2
Microsoft OneDrive for Android Information Disclosure Vulnerability
CVE-2023-24923 No No - - Important 5.5 4.8
CVE-2023-24882 No No - - Important 5.5 4.8
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
CVE-2023-24930 No No - - Important 7.8 6.8
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
CVE-2023-24890 No No - - Important 6.5 5.7
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2023-23397 No Yes - - Critical 9.8 9.1
Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability
CVE-2023-24864 No No Less Likely Less Likely Important 8.8 7.7
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24856 No No - - Important 6.5 5.7
CVE-2023-24857 No No Less Likely Less Likely Important 6.5 5.7
CVE-2023-24858 No No Less Likely Less Likely Important 6.5 5.7
CVE-2023-24863 No No Less Likely Less Likely Important 6.5 5.7
CVE-2023-24865 No No Less Likely Less Likely Important 6.5 5.7
CVE-2023-24866 No No - - Important 6.5 5.7
CVE-2023-24906 No No - - Important 6.5 5.7
CVE-2023-24870 No No - - Important 6.5 5.7
CVE-2023-24911 No No - - Important 6.5 5.7
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-23403 No No Less Likely Less Likely Important 8.8 7.7
CVE-2023-23406 No No - - Important 8.8 7.7
CVE-2023-23413 No No - - Important 8.8 7.7
CVE-2023-24867 No No - - Important 8.8 7.7
CVE-2023-24907 No No - - Important 8.8 7.7
CVE-2023-24868 No No - - Important 8.8 7.7
CVE-2023-24909 No No - - Important 8.8 7.7
CVE-2023-24872 No No - - Important 8.8 7.7
CVE-2023-24913 No No - - Important 8.8 7.7
CVE-2023-24876 No No More Likely Less Likely Important 8.8 7.7
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-23395 No No - - Important 3.1 2.7
Office for Android Spoofing Vulnerability
CVE-2023-23391 No No - - Important 5.5 4.8
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-21708 No No - - Critical 9.8 8.5
CVE-2023-23405 No No - - Important 8.1 7.1
CVE-2023-24908 No No - - Important 8.1 7.1
CVE-2023-24869 No No - - Important 8.1 7.1
Service Fabric Explorer Spoofing Vulnerability
CVE-2023-23383 No No - - Important 8.2 7.1
Windows Accounts Picture Elevation of Privilege Vulnerability
CVE-2023-23412 No No - - Important 7.8 6.8
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-23388 No No - - Important 8.8 7.7
Windows Bluetooth Service Remote Code Execution Vulnerability
CVE-2023-24871 No No - - Important 8.8 7.7
Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
CVE-2023-23393 No No Less Likely Less Likely Important 7.0 6.1
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2023-23416 No No - - Critical 8.4 7.3
Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-23400 No No Less Likely Less Likely Important 7.2 6.3
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-24861 No No - - Important 7.0 6.1
CVE-2023-24910 No No - - Important 7.8 6.8
Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2023-23410 No No - - Important 7.8 6.8
Windows Hyper-V Denial of Service Vulnerability
CVE-2023-23411 No No - - Critical 6.5 5.7
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-24859 No No - - Important 7.5 6.5
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-23420 No No - - Important 7.8 6.8
CVE-2023-23421 No No - - Important 7.8 6.8
CVE-2023-23422 No No - - Important 7.8 6.8
CVE-2023-23423 No No - - Important 7.8 6.8
Windows Media Remote Code Execution Vulnerability
CVE-2023-23401 No No - - Important 7.8 6.8
CVE-2023-23402 No No - - Important 7.8 6.8
Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2023-23417 No No - - Important 7.8 6.8
Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
CVE-2023-23385 No No - - Important 7.0 6.1
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
CVE-2023-23407 No No - - Important 7.1 6.2
CVE-2023-23414 No No - - Important 7.1 6.2
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-23404 No No - - Critical 8.1 7.1
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-23418 No No - - Important 7.8 6.8
CVE-2023-23419 No No - - Important 7.8 6.8
Windows Secure Channel Denial of Service Vulnerability
CVE-2023-24862 No No - - Important 5.5 4.8
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-24880 Yes Yes - - Moderate 5.4 5.0

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:
5 comment(s)

Comments

Is the dashboard no longer operational https://patchtuesdaydashboard.com/ It doesnt seem to be updated last couple of patch periods.
It seems there is a patch for Exchange server 2013 to 2019 which is not mentioned here or even in the msrc website.
Check here for more details https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2023-exchange-server-security-updates/ba-p/3764224
Hello Everyone,
We applied the cumulative update and it did not address the exploited M365\Outlook vulnerability. We are using M365 Apps for Enterprise. We've only been able to MANUALLY update office, and the settings in admin center says the updates happen automatically, but how can we FORCE/PUSH the update to the clients???
As far as I know the only way to update Office 365 is manually. The Office 365 updates are not included in cumulative updates as those updates are only for the Windows OS.

Office 365 does automatically update its self but given the severaity of this update I have spent the past 2 days chasing my users to confirm eeryone is up to date.
Due to parsing problems, patchtuesdaydashboard.com missed some periods. Now it is ok. Thanks for the heads up.

Diary Archives