Microsoft Monthly Security Update (March 2023)

Release Date: 15 Mar 2023 5197 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserLow Risk Low RiskSpoofing 
AzureLow Risk Low RiskSpoofing 
WindowsHigh Risk High RiskElevation of Privilege
Remote Code Execution
Information Disclosure
Denial of Service
Security Restriction Bypass

CVE-2023-24880

is being exploited in the wild.

The vulnerabliity can be exploited by using malicious MSI files signed with a specially crafted Authenticode signature to trigger security restriction bypass in SmartScreen and prevent Mark-of-the-Web (MotW) security alerts.

Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Information Disclosure
Remote Code Execution
Denial of Service		 
System CenterMedium Risk Medium RiskElevation of Privilege 
Microsoft OfficeHigh Risk High RiskSpoofing
Denial of Service
Elevation of Privilege
Remote Code Execution
Information Disclosure

CVE-2023-23397

is being exploited in the wild.

The vulnerability can be exploited by sending malicious Outlook notes and tasks to steal NTLM hashes via NTLM negotiation requests by forcing the targets’ devices to authenticate to attacker-controlled SMB shares.

Microsoft DynamicsMedium Risk Medium RiskSpoofing
Information Disclosure		 
Developer ToolsMedium Risk Medium RiskInformation Disclosure
Remote Code Execution
Elevation of Privilege		 
AppsMedium Risk Medium RiskSecurity Restriction Bypass 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 2

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 2

Evaluation of overall 'Risk Level': High Risk

Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Spoofing
  • Security Restriction Bypass

System / Technologies affected

  • Browser
  • Azure
  • Windows
  • Extended Security Updates (ESU)
  • System Center
  • Microsoft Office
  • Microsoft Dynamics
  • Developer Tools
  • Apps

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

 

Workaround for CVE-2023-23397 vulnerability:

Reduce the vulnerability of attacks by following workaround:

 

  1. Add users to the Protected Users Security Group, which prevents the use of NTLM as an authentication mechanism
  2. Block TCP 445/SMB outbound from the network by using a perimeter firewall, a local firewall, and via VPN settings

Vulnerability Identifier

Source

Related Link

Related Tags

MicrosoftDenial of ServiceElevation of PrivilegeRemote Code ExecutionSecurity Restriction BypassInformation DisclosureSpoofingExploit In The Wild

Share with

Previous

Zoom Products Multiple Vulnerabilities

15 Mar 2023 4048 Views

Next

Mozilla Products Multiple Vulnerabilities

15 Mar 2023 4179 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY