Home » Microsoft March 2023 Patch Tuesday update Fixes 75 Security Flaws

Microsoft March 2023 Patch Tuesday update Fixes 75 Security Flaws

windows 10 security updates

Today Microsoft fixed at least 68 security vulnerabilities in its product portfolio. Here are Details on Microsoft’s security updates in November’s Patch Tuesday

Today is the second Tuesday of March 2023 and it’s time to check out the latest security updates from Microsoft. As part of this month’s patch update, Microsoft Fixes 80 vulnerabilities that impact several products in its portfolio. Where 9 of them are classified as ‘Critical’ as they allow Elevation of Privilege (EoP), Remote Code Execution (RCE), and Spoofing, and four of them are rated Moderate in severity, and the remaining 70 are Important. Two actively exploited vulnerabilities were reported by the vendor: Microsoft Outlook privilege escalation flaw (CVE-2023-23397, CVSS score: 9.8) and a Windows SmartScreen security feature bypass (CVE-2023-24880, CVSS score: 5.1).

Microsoft patched 80 CVEs in its March 2023 Patch Tuesday Release, with nine rated as critical and 70 rated as important.

Table of Contents
    Add a header to begin generating the table of contents

    Microsoft March 2023 Patch Tuesday

    With today’s update, Microsoft patched several flaws in its software, including Denial of Service (DoS), Elevation of Privilege, Information Disclosure, Microsoft Edge (Chromium-based), Remote Code Execution (RCE), Security Feature Bypass, Spoofing and Tampering.

    The number of bugs in each vulnerability category is listed below:

    Vulnerability Category Quantity Severities
    Spoofing Vulnerability 10 Important: 6
    Denial of Service Vulnerability 4 Important: 3 Critical: 1
    Elevation of Privilege Vulnerability 21 Important: 18 Critical: 3
    Information Disclosure Vulnerability 15 Important: 15
    Remote Code Execution Vulnerability 27 Important: 22 Critical: 5
    Security Feature Bypass Vulnerability 2 Important: 1

    in addition 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks.

    A crucial part of this month’s security updates consists of patches for two actively exploited zero-day vulnerabilities, which was publicly disclosed.

    • CVE-2023-23397 – Microsoft Outlook Elevation of Privilege Vulnerability
    • CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability
    • CVE-2023-1017 and CVE-2023-1018 – TPM2.0 Module Library Elevation of Privilege Vulnerability
    • CVE-2023-21708 – Remote Procedure Call Runtime Remote Code Execution Vulnerability
    • CVE-2023-23392 – HTTP Protocol Stack Remote Code Execution Vulnerability
    • CVE-2023-23404 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
    • CVE-2023-23411 – Windows Hyper-V Denial of Service Vulnerability
    • CVE-2023-23415 – Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
    • CVE-2023-23416 – Windows Cryptographic Services Remote Code Execution Vulnerability

    Recent updates from other companies

    Other vendors who released updates in February 2023 include:

    Windows security updates

    In addition to Microsoft security updates, this March 2023 Patch Tuesday update also brought Windows 11 and Windows 10 cumulative updates. That includes KB5023706 and KB5023698 for windows 11 and KB5023696 for windows 10 version 22H2. So if you are running any of these windows versions make sure you update them as you install the new patches.

    Windows 11 KB5023706 and KB5023698

    Today’s cumulative update KB5023706 brings the moment 2 updates and advances the build number to 22621.1413. Windows 11 KB5023706 brings moment features, including tabbed Notepad, Phone Link for iOS, a searchable Task Manager, the tablet-optimized taskbar, screen recording in the Snipping Tool, Voice Assist, and much more.

    In addition, Microsoft noted KB5023706 and KB5023698 addresses security issues for your Windows operating system. Also, Fixes an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.

    • A bug that randomly stopped users from signing in or signing out has been fixed.
    • This update addresses an issue that changes the Color filters setting to Grayscale when you select Inverted.
    • For IE mode users, Microsoft has addressed an issue that sometimes makes text on the status bar invisible.
    • Microsoft fixed an issue causing a blue screen during video playback after setting high dynamic range (HDR) on your display.
    • Microsoft fixed an issue that might prevent you from using a touch keyboard and the PIN entry keyboard to sign in to your device.
    • This update addresses an issue that affects which folders appear in the Browse for Folder picker.
    • A file explorer issue that fails to move the input focus when using Shift+Tab or Shift+F6 has been fixed.
    • The volume up and down commands from a Bluetooth keyboard are now displayed in the Windows user interface.
    • This update addresses an issue that affects Xbox subscriptions when you buy a subscription using the “Redeem code” option, and recurring billing is off.

    Microsoft noted three known issues with these updates, the first of them impacts provisioning packages, while the second makes it harder to copy large files on devices that have already been updated to version 2022 Update.

    In addition, a bug prevents some users from downloading Windows 11 version 22H2 through Windows Server Update Services (WSUS) servers.

    You can read the complete changelog Microsoft support blog here.

    Windows 10 KB5023696 and KB5023702

    Cumulative update KB5023696 for Windows 10, This update contains miscellaneous security improvements to internal OS functionality. Microsoft is busy with the development of Windows 11, today’s update windows 10 OS build 19045.2728 actually comes with a few noticeable changes, including bug fix for an issue that cause Explorer and taskbar to stop responding.

    • his update improves your experience when you use Windows Spotlight on your lock screen. The informational links open faster.
    • This update addresses an issue that affects IE mode. The text on the status bar is not always visible.
    • This update addresses accessibility issues. They affect Narrator on the Settings home page.
    • This update addresses an issue that stops hyperlinks from working in Microsoft Excel.
    • This update addresses an issue that affects a certain streaming app. The issue stops video playback after an advertisement plays in the app.

    You can read the complete changelog Microsoft support blog here.

    Download the Windows 10 Cumulative update

    All these Security updates Automatically download and get installed on your device via Windows update. If your device has not received it yet open Settings, Update & Security and Check for updates. Once done restart your Device to apply the updates.

    Install windows 11 update

    The above link directly opens the Microsoft Update Catalog which is the library of Windows Update offline installers. You need to click on the ‘Download’ button next to the version of the OS installed on your machine and run the .msu files to begin the installation of the update.

    If you face any difficulty while installing these updates check how to fix Windows 10 Update installation problems.

    Also Read:

    About The Author

    Leave a Comment

    Scroll to Top