Security News > 2023 > March > Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws.
This month's Patch Tuesday fixes two zero-day vulnerabilities actively exploited in attacks.
Microsoft has fixed a Microsoft Outlook privilege elevation bug that allows specially crafted emails to force a target's device to connect to a remote URL and transmit the Windows account's Net-NTLMv2 hash.
Microsoft has fixed an actively exploited zero-day vulnerability in Windows SmartScreen that was previously exploited to distribute and install malware.
"An attacker can craft a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging," reads Microsoft's advisory.
Below is the complete list of resolved vulnerabilities and released advisory for the March 2023 Patch Tuesday updates.
News URL
Related news
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)