Patch Tuesday March 2023 CVE Codes & Titles - Hexafusion Blog | Hexafusion
  • Contact Us At

    Vancouver: 604-757-2010

         Toronto: 416-236-6300

  • E-Mail Us @

     

Hexafusion Blog

Patch Tuesday March 2023 CVE Codes & Titles

microsoft-patch-tuesday

In March 2023, Microsoft released its Patch Tuesday update, which addressed 80 vulnerabilities, including 9 critical ones. These vulnerabilities span a wide range of Microsoft products and services, from Microsoft Outlook to Windows Server.

One of the most pressing vulnerabilities in this release is in Microsoft Outlook, with CVE-2023-23397 already being exploited. External attackers could send specially crafted emails to leak Net-NTLMv2 hash information of the victim to the attacker. Microsoft recommends updating the system as soon as possible to prevent further exploitation of this vulnerability.

Another critical vulnerability fixed in this update is the Internet Control Message Protocol (ICMP) Remote Code Execution vulnerability, CVE-2023-23415. Although it has not yet been exploited, Microsoft warns that it is likely to be exploited in the future. The vulnerability can be exploited by sending a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine.

The third critical vulnerability, CVE-2023-23392, affects only Windows Server 2022 and is specific to the HTTP protocol stack. An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. Although this vulnerability has not yet been exploited, Microsoft warns that it is likely to be exploited in the future.

Microsoft has provided alternative mitigation options for some of the critical vulnerabilities. For instance, users can add themselves to the Protected Users Security Group to prevent the use of NTLM as an authentication mechanism or block TCP 445/SMB outbound from their network. Additionally, disabling HTTP/3 can mitigate the vulnerability CVE-2023-23392. However, it is crucial to note that updating to the latest patch updates is still the most effective way to prevent exploitation.

Apart from the critical vulnerabilities, Microsoft also fixed other vulnerabilities such as elevation of privilege, information disclosure, remote code execution, and denial of service. System administrators should stay up-to-date on Patch Tuesday releases and ensure that their network is secured against potential exploits. Microsoft continues to prioritize patching vulnerabilities and releasing regular updates to enhance the security of their products.

In conclusion, the March 2023 Patch Tuesday update addressed several vulnerabilities in Microsoft products and services, including critical ones such as in Microsoft Outlook, ICMP Remote Code Execution, and HTTP Protocol Stack. Microsoft provides alternative mitigation options, but updating to the latest patch updates remains the most effective way to prevent exploitation. It is crucial for system administrators to prioritize the installation of these updates to ensure the security of their network.

Patch Tuesday March 2023 CVE Codes & Titles

CVE Number CVE Title
CVE-2023-24930 Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability
CVE-2023-24922 Microsoft Dynamics 365 Information Disclosure Vulnerability
CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24920 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24919 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24913 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24911 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24910 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-24909 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24908 Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-24907 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24906 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24892 Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2023-24891 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24890 Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
CVE-2023-24882 Microsoft OneDrive for Android Information Disclosure Vulnerability
CVE-2023-24880 Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-24879 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24876 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24872 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24871 Windows Bluetooth Service Remote Code Execution Vulnerability
CVE-2023-24870 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24869 Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-24868 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24867 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24866 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24865 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24864 Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability
CVE-2023-24863 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24862 Windows Secure Channel Denial of Service Vulnerability
CVE-2023-24861 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-24859 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-24858 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24857 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24856 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-23946 GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability
CVE-2023-23618 GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability
CVE-2023-23423 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-23422 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-23421 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-23420 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-23419 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-23418 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-23417 Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2023-23416 Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2023-23415 Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
CVE-2023-23414 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
CVE-2023-23413 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-23412 Windows Accounts Picture Elevation of Privilege Vulnerability
CVE-2023-23411 Windows Hyper-V Denial of Service Vulnerability
CVE-2023-23410 Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2023-23409 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
CVE-2023-23408 Azure Apache Ambari Spoofing Vulnerability
CVE-2023-23407 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
CVE-2023-23406 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-23405 Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-23404 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-23403 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-23402 Windows Media Remote Code Execution Vulnerability
CVE-2023-23401 Windows Media Remote Code Execution Vulnerability
CVE-2023-23400 Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-23399 Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-23398 Microsoft Excel Spoofing Vulnerability
CVE-2023-23397 Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2023-23396 Microsoft Excel Denial of Service Vulnerability
CVE-2023-23395 Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-23394 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
CVE-2023-23393 Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
CVE-2023-23392 HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2023-23391 Office for Android Spoofing Vulnerability
CVE-2023-23389 Microsoft Defender Elevation of Privilege Vulnerability
CVE-2023-23388 Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-23385 Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
CVE-2023-23383 Service Fabric Explorer Spoofing Vulnerability
CVE-2023-22743 GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability
CVE-2023-22490 GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
CVE-2023-21708 Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-1018 CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-1017 CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2022-43552 Open Source Curl Remote Code Execution Vulnerability
CVE-2022-23825 AMD: CVE-2022-23825 AMD CPU Branch Type Confusion
CVE-2022-23816 AMD: CVE-2022-23816 AMD CPU Branch Type Confusion
CVE-2022-23257 Windows Hyper-V Remote Code Execution Vulnerability
Expanding the Horizon: Microsoft Introduces AI-Pow...
How Technological Innovations Help Optimize Busine...

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/

Customer Login

Contact us

Learn more about what Hexafusion can do for your business.

Vancouver:  604-757-2010
Toronto:  416-236-6300
 

Hexafusion
250 - 997 Seymour Street
Vancouver, British Columbia V6B 3M1