Skip to main content

Microsoft Monthly Security Update (March 2023)

Release Date: 15 Mar 2023 4609 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserLow Risk Low RiskSpoofing 
AzureLow Risk Low RiskSpoofing 
WindowsHigh Risk High RiskElevation of Privilege
Remote Code Execution
Information Disclosure
Denial of Service
Security Restriction Bypass

CVE-2023-24880

is being exploited in the wild.

The vulnerabliity can be exploited by using malicious MSI files signed with a specially crafted Authenticode signature to trigger security restriction bypass in SmartScreen and prevent Mark-of-the-Web (MotW) security alerts.

Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Information Disclosure
Remote Code Execution
Denial of Service
 
System CenterMedium Risk Medium RiskElevation of Privilege 
Microsoft OfficeHigh Risk High RiskSpoofing
Denial of Service
Elevation of Privilege
Remote Code Execution
Information Disclosure

CVE-2023-23397

is being exploited in the wild.

The vulnerability can be exploited by sending malicious Outlook notes and tasks to steal NTLM hashes via NTLM negotiation requests by forcing the targets’ devices to authenticate to attacker-controlled SMB shares.

Microsoft DynamicsMedium Risk Medium RiskSpoofing
Information Disclosure
 
Developer ToolsMedium Risk Medium RiskInformation Disclosure
Remote Code Execution
Elevation of Privilege
 
AppsMedium Risk Medium RiskSecurity Restriction Bypass 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 2

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 2

Evaluation of overall 'Risk Level': High Risk


Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Spoofing
  • Security Restriction Bypass

System / Technologies affected

  • Browser
  • Azure
  • Windows
  • Extended Security Updates (ESU)
  • System Center
  • Microsoft Office
  • Microsoft Dynamics
  • Developer Tools
  • Apps

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

 

Workaround for CVE-2023-23397 vulnerability:

Reduce the vulnerability of attacks by following workaround:

 

  1. Add users to the Protected Users Security Group, which prevents the use of NTLM as an authentication mechanism
  2. Block TCP 445/SMB outbound from the network by using a perimeter firewall, a local firewall, and via VPN settings

Vulnerability Identifier


Source


Related Link