March 14, 2023

Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws

March 14, 2023
5:30 pm

Tag
CVE ID
CVE Title
Severity
Azure
CVE-2023-23408
Azure Apache Ambari Spoofing Vulnerability
Important
Client Server Run-time Subsystem (CSRSS)
CVE-2023-23409
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
Important
Client Server Run-time Subsystem (CSRSS)
CVE-2023-23394
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
Important
Internet Control Message Protocol (ICMP)
CVE-2023-23415
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
Critical
Mariner
CVE-2023-0567
Unknown
Unknown
Mariner
CVE-2023-20052
Unknown
Unknown
Mariner
CVE-2023-20032
Unknown
Unknown
Microsoft Bluetooth Driver
CVE-2023-23388
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Important
Microsoft Dynamics
CVE-2023-24920
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2023-24879
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2023-24919
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2023-24891
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Dynamics
CVE-2023-24922
Microsoft Dynamics 365 Information Disclosure Vulnerability
Important
Microsoft Dynamics
CVE-2023-24921
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Important
Microsoft Edge (Chromium-based)
CVE-2023-1236
Chromium: CVE-2023-1236 Inappropriate implementation in Internals
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1235
Chromium: CVE-2023-1235 Type Confusion in DevTools
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1213
Chromium: CVE-2023-1213 Use after free in Swiftshader
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-24892
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
Important
Microsoft Edge (Chromium-based)
CVE-2023-1234
Chromium: CVE-2023-1234 Inappropriate implementation in Intents
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1223
Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1222
Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1221
Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1229
Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1228
Chromium: CVE-2023-1228 Insufficient policy enforcement in Intents
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1224
Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1220
Chromium: CVE-2023-1220 Heap buffer overflow in UMA
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1216
Chromium: CVE-2023-1216 Use after free in DevTools
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1215
Chromium: CVE-2023-1215 Type Confusion in CSS
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1214
Chromium: CVE-2023-1214 Type Confusion in V8
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1219
Chromium: CVE-2023-1219 Heap buffer overflow in Metrics
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1218
Chromium: CVE-2023-1218 Use after free in WebRTC
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1217
Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1230
Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1232
Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource Timing
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1233
Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource Timing
Unknown
Microsoft Edge (Chromium-based)
CVE-2023-1231
Chromium: CVE-2023-1231 Inappropriate implementation in Autofill
Unknown
Microsoft Graphics Component
CVE-2023-24910
Windows Graphics Component Elevation of Privilege Vulnerability
Important
Microsoft Office Excel
CVE-2023-23398
Microsoft Excel Spoofing Vulnerability
Important
Microsoft Office Excel
CVE-2023-23396
Microsoft Excel Denial of Service Vulnerability
Important
Microsoft Office Excel
CVE-2023-23399
Microsoft Excel Remote Code Execution Vulnerability
Important
Microsoft Office Outlook
CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability
Critical
Microsoft Office SharePoint
CVE-2023-23395
Microsoft SharePoint Server Spoofing Vulnerability
Important
Microsoft OneDrive
CVE-2023-24890
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
Important
Microsoft OneDrive
CVE-2023-24930
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
Important
Microsoft OneDrive
CVE-2023-24882
Microsoft OneDrive for Android Information Disclosure Vulnerability
Important
Microsoft OneDrive
CVE-2023-24923
Microsoft OneDrive for Android Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24907
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24857
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24868
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24872
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24876
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24913
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24864
Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24866
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24906
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24867
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24863
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24858
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24911
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24870
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24909
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-23406
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-23413
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft PostScript Printer Driver
CVE-2023-24856
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-24865
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Important
Microsoft Printer Drivers
CVE-2023-23403
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Important
Microsoft Windows Codecs Library
CVE-2023-23401
Windows Media Remote Code Execution Vulnerability
Important
Microsoft Windows Codecs Library
CVE-2023-23402
Windows Media Remote Code Execution Vulnerability
Important
Office for Android
CVE-2023-23391
Office for Android Spoofing Vulnerability
Important
Remote Access Service Point-to-Point Tunneling Protocol
CVE-2023-23404
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Critical
Role: DNS Server
CVE-2023-23400
Windows DNS Server Remote Code Execution Vulnerability
Important
Role: Windows Hyper-V
CVE-2023-23411
Windows Hyper-V Denial of Service Vulnerability
Critical
Service Fabric
CVE-2023-23383
Service Fabric Explorer Spoofing Vulnerability
Important
Visual Studio
CVE-2023-23618
GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability
Important
Visual Studio
CVE-2023-22743
GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability
Important
Visual Studio
CVE-2023-23946
GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability
Important
Visual Studio
CVE-2023-22490
GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
Important
Windows Accounts Control
CVE-2023-23412
Windows Accounts Picture Elevation of Privilege Vulnerability
Important
Windows Bluetooth Service
CVE-2023-24871
Windows Bluetooth Service Remote Code Execution Vulnerability
Important
Windows Central Resource Manager
CVE-2023-23393
Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
Important
Windows Cryptographic Services
CVE-2023-23416
Windows Cryptographic Services Remote Code Execution Vulnerability
Critical
Windows Defender
CVE-2023-23389
Microsoft Defender Elevation of Privilege Vulnerability
Important
Windows HTTP Protocol Stack
CVE-2023-23392
HTTP Protocol Stack Remote Code Execution Vulnerability
Critical
Windows HTTP.sys
CVE-2023-23410
Windows HTTP.sys Elevation of Privilege Vulnerability
Important
Windows Internet Key Exchange (IKE) Protocol
CVE-2023-24859
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
Important
Windows Kernel
CVE-2023-23420
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-23422
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-23421
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Kernel
CVE-2023-23423
Windows Kernel Elevation of Privilege Vulnerability
Important
Windows Partition Management Driver
CVE-2023-23417
Windows Partition Management Driver Elevation of Privilege Vulnerability
Important
Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-23407
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
Important
Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-23385
Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
Important
Windows Point-to-Point Protocol over Ethernet (PPPoE)
CVE-2023-23414
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
Important
Windows Remote Procedure Call
CVE-2023-21708
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Critical
Windows Remote Procedure Call Runtime
CVE-2023-23405
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Important
Windows Remote Procedure Call Runtime
CVE-2023-24869
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Important
Windows Remote Procedure Call Runtime
CVE-2023-24908
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Important
Windows Resilient File System (ReFS)
CVE-2023-23419
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Important
Windows Resilient File System (ReFS)
CVE-2023-23418
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Important
Windows Secure Channel
CVE-2023-24862
Windows Secure Channel Denial of Service Vulnerability
Important
Windows SmartScreen
CVE-2023-24880
Windows SmartScreen Security Feature Bypass Vulnerability
Moderate
Windows TPM
CVE-2023-1017
CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability
Critical
Windows TPM
CVE-2023-1018
CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability
Critical
Windows Win32K
CVE-2023-24861
Windows Graphics Component Elevation of Privilege Vulnerability
Important

Adblock test (Why?)

Insights

Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws

Share:

Related Posts

Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time

Hackers exploiting zero-day in Gladinet file sharing software

Windows 11 23H2 Home and Pro reach end of support in 30 days

FBI takes down BreachForums portal used for Salesforce extortion

Hackers now use Velociraptor DFIR tool in ransomware attacks

Microsoft: Hackers target universities in “payroll pirate” attacks

Share:

Quick Links

Support

Need help?

Location

Looking for collaboration?

Get in touch