Microsoft has released its March 2023 patch Tuesday security updates to fix multiple vulnerabilities in its products, including two (2) zero-day vulnerabilities (CVE-2023-24880 and CVE-2023-23397) that are currently reported to be exploited in the wild.

_____________________________

A. List of Vulnerabilities

Microsoft OneDriveCVE-2023-24930Microsoft OneDrive for MacOS Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Microsoft OneDriveCVE-2023-24923Microsoft OneDrive for Android Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft DynamicsCVE-2023-24922Microsoft Dynamics 365 Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft DynamicsCVE-2023-24921Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilitySpoofingImportant
Microsoft DynamicsCVE-2023-24920Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilitySpoofingImportant
Microsoft DynamicsCVE-2023-24919Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilitySpoofingImportant
Microsoft PostScript Printer DriverCVE-2023-24913Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24911Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft Graphics ComponentCVE-2023-24910Windows Graphics Component Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Microsoft PostScript Printer DriverCVE-2023-24909Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Windows Remote Procedure Call RuntimeCVE-2023-24908Remote Procedure Call Runtime Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24907Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24906Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft Edge (Chromium-based)CVE-2023-24892Microsoft Edge (Chromium-based) Webview2 Spoofing VulnerabilitySpoofingImportant
Microsoft DynamicsCVE-2023-24891Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilitySpoofingImportant
Microsoft OneDriveCVE-2023-24890Microsoft OneDrive for iOS Security Feature Bypass VulnerabilitySecurity Feature BypassImportant
Microsoft OneDriveCVE-2023-24882Microsoft OneDrive for Android Information Disclosure VulnerabilityInformation DisclosureImportant
Windows SmartScreenCVE-2023-24880Windows SmartScreen Security Feature Bypass VulnerabilitySecurity Feature BypassModerate
Microsoft DynamicsCVE-2023-24879Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilitySpoofingImportant
Microsoft PostScript Printer DriverCVE-2023-24876Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24872Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Windows Bluetooth ServiceCVE-2023-24871Windows Bluetooth Service Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24870Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Windows Remote Procedure Call RuntimeCVE-2023-24869Remote Procedure Call Runtime Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24868Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24867Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-24866Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft Printer DriversCVE-2023-24865Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft PostScript Printer DriverCVE-2023-24864Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Microsoft PostScript Printer DriverCVE-2023-24863Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Windows Secure ChannelCVE-2023-24862Windows Secure Channel Denial of Service VulnerabilityDenial of ServiceImportant
Windows Win32KCVE-2023-24861Windows Graphics Component Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Internet Key Exchange (IKE) ProtocolCVE-2023-24859Windows Internet Key Exchange (IKE) Extension Denial of Service VulnerabilityDenial of ServiceImportant
Microsoft PostScript Printer DriverCVE-2023-24858Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft PostScript Printer DriverCVE-2023-24857Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Microsoft PostScript Printer DriverCVE-2023-24856Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure VulnerabilityInformation DisclosureImportant
Visual StudioCVE-2023-23946GitHub: CVE-2023-23946 mingit Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Visual StudioCVE-2023-23618GitHub: CVE-2023-23618 Git for Windows Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Windows KernelCVE-2023-23423Windows Kernel Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows KernelCVE-2023-23422Windows Kernel Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows KernelCVE-2023-23421Windows Kernel Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows KernelCVE-2023-23420Windows Kernel Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Resilient File System (ReFS)CVE-2023-23419Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Resilient File System (ReFS)CVE-2023-23418Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Partition Management DriverCVE-2023-23417Windows Partition Management Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Cryptographic ServicesCVE-2023-23416Windows Cryptographic Services Remote Code Execution VulnerabilityRemote Code ExecutionCritical
Internet Control Message Protocol (ICMP)CVE-2023-23415Internet Control Message Protocol (ICMP) Remote Code Execution VulnerabilityRemote Code ExecutionCritical
Windows Point-to-Point Protocol over Ethernet (PPPoE)CVE-2023-23414Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-23413Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Windows Accounts ControlCVE-2023-23412Windows Accounts Picture Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Role: Windows Hyper-VCVE-2023-23411Windows Hyper-V Denial of Service VulnerabilityDenial of ServiceCritical
Windows HTTP.sysCVE-2023-23410Windows HTTP.sys Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Client Server Run-time Subsystem (CSRSS)CVE-2023-23409Client Server Run-Time Subsystem (CSRSS) Information Disclosure VulnerabilityInformation DisclosureImportant
AzureCVE-2023-23408Azure Apache Ambari Spoofing VulnerabilitySpoofingImportant
Windows Point-to-Point Protocol over Ethernet (PPPoE)CVE-2023-23407Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft PostScript Printer DriverCVE-2023-23406Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Windows Remote Procedure Call RuntimeCVE-2023-23405Remote Procedure Call Runtime Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Remote Access Service Point-to-Point Tunneling ProtocolCVE-2023-23404Windows Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityRemote Code ExecutionCritical
Microsoft Printer DriversCVE-2023-23403Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft Windows Codecs LibraryCVE-2023-23402Windows Media Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft Windows Codecs LibraryCVE-2023-23401Windows Media Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Role: DNS ServerCVE-2023-23400Windows DNS Server Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft Office ExcelCVE-2023-23399Microsoft Excel Remote Code Execution VulnerabilityRemote Code ExecutionImportant
Microsoft Office ExcelCVE-2023-23398Microsoft Excel Spoofing VulnerabilitySpoofingImportant
Microsoft Office OutlookCVE-2023-23397Microsoft Outlook Elevation of Privilege VulnerabilityElevation of PrivilegeCritical
Microsoft Office ExcelCVE-2023-23396Microsoft Excel Denial of Service VulnerabilityDenial of ServiceImportant
Microsoft Office SharePointCVE-2023-23395Microsoft SharePoint Server Spoofing VulnerabilitySpoofingImportant
Client Server Run-time Subsystem (CSRSS)CVE-2023-23394Client Server Run-Time Subsystem (CSRSS) Information Disclosure VulnerabilityInformation DisclosureImportant
Windows Central Resource ManagerCVE-2023-23393Windows BrokerInfrastructure Service Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows HTTP Protocol StackCVE-2023-23392HTTP Protocol Stack Remote Code Execution VulnerabilityRemote Code ExecutionCritical
Office for AndroidCVE-2023-23391Office for Android Spoofing VulnerabilitySpoofingImportant
Windows DefenderCVE-2023-23389Microsoft Defender Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Microsoft Bluetooth DriverCVE-2023-23388Windows Bluetooth Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Windows Point-to-Point Protocol over Ethernet (PPPoE)CVE-2023-23385Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Service FabricCVE-2023-23383Service Fabric Explorer Spoofing VulnerabilitySpoofingImportant
Visual StudioCVE-2023-22743GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Visual StudioCVE-2023-22490GitHub: CVE-2023-22490 mingit Information Disclosure VulnerabilityInformation DisclosureImportant
Windows Remote Procedure CallCVE-2023-21708Remote Procedure Call Runtime Remote Code Execution VulnerabilityRemote Code ExecutionCritical
Windows TPMCVE-2023-1018CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege VulnerabilityElevation of PrivilegeCritical
Windows TPMCVE-2023-1017CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege VulnerabilityElevation of PrivilegeCritical
Microsoft Edge (Chromium-based)CVE-2023-1236Chromium: CVE-2023-1236 Inappropriate implementation in InternalsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1235Chromium: CVE-2023-1235 Type Confusion in DevToolsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1234Chromium: CVE-2023-1234 Inappropriate implementation in IntentsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1233Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource TimingNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1232Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource TimingNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1231Chromium: CVE-2023-1231 Inappropriate implementation in AutofillNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1230Chromium: CVE-2023-1230 Inappropriate implementation in WebApp InstallsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1229Chromium: CVE-2023-1229 Inappropriate implementation in Permission promptsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1228Chromium: CVE-2023-1228 Insufficient policy enforcement in IntentsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1224Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments APINoneNone
Microsoft Edge (Chromium-based)CVE-2023-1223Chromium: CVE-2023-1223 Insufficient policy enforcement in AutofillNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1222Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio APINoneNone
Microsoft Edge (Chromium-based)CVE-2023-1221Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions APINoneNone
Microsoft Edge (Chromium-based)CVE-2023-1220Chromium: CVE-2023-1220 Heap buffer overflow in UMANoneNone
Microsoft Edge (Chromium-based)CVE-2023-1219Chromium: CVE-2023-1219 Heap buffer overflow in MetricsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1218Chromium: CVE-2023-1218 Use after free in WebRTCNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1217Chromium: CVE-2023-1217 Stack buffer overflow in Crash reportingNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1216Chromium: CVE-2023-1216 Use after free in DevToolsNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1215Chromium: CVE-2023-1215 Type Confusion in CSSNoneNone
Microsoft Edge (Chromium-based)CVE-2023-1214Chromium: CVE-2023-1214 Type Confusion in V8NoneNone
Microsoft Edge (Chromium-based)CVE-2023-1213Chromium: CVE-2023-1213 Use after free in SwiftshaderNoneNone

_____________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

  • Kindly review and apply the necessary updates to mitigate future threats.
  • Proactively monitor and secure identified systems and devices for any suspicious/malicious activities.
  • For additional information, kindly refer to the official report
    • https://msrc.microsoft.com/update-guide/releaseNote/2023-Mar
    • https://msrc.microsoft.com/update-guide/vulnerability