
- 69/2023
- Critical
Microsoft has released its monthly batch of security updates, known as Patch Tuesday. This release fixes two actively exploited zero-day vulnerabilities and also ships an updated Microsoft Edge version (111.0.1661.41) that fixes multiple vulnerabilities.
Microsoft has fixed 83 vulnerabilities, 9 of which are classified as critical because they could allow an attacker to perform remote code execution, bypass security features, elevate privileges, or cause a denial of service.
March’s Patch Tuesday fixes security flaws in multiple products, including Visual Studio, Microsoft OneDrive, Microsoft Defender, Microsoft Edge (Chromium-based), Microsoft Printer Drivers, Microsoft Office (Excel, Outlook, SharePoint), Microsoft Windows Codecs Library, and Microsoft Bluetooth Driver.
The actively exploited zero-day vulnerabilities fixed in March’s patch are:
• Microsoft Outlook Elevation of Privilege Vulnerability: allows a remote attacker to send specially crafted emails that force the target’s device to connect to a remote URL and leak the Windows account’s Net-NTLMv2 hash – CVE-2023-23397.
• Windows SmartScreen Security Feature Bypass Vulnerability: allows a remote attacker to craft a malicious file that evades Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office – CVE-2023-24880.
Sample of the addressed vulnerabilities:
1. Microsoft Windows HTTP Protocol Stack Code Execution (CVE-2023-23415):
• CVSS: 9.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access
2. Microsoft Outlook Spoofing Vulnerability (CVE-2023-23397):
• CVSS: 9.1
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access
Mitigations
Enterprises should deploy this patch as soon as their testing phase is completed.