Security News > 2023 > March > Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws

Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
2023-03-14 17:29

Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws.

This month's Patch Tuesday fixes two zero-day vulnerabilities actively exploited in attacks.

Microsoft has fixed a Microsoft Outlook privilege elevation bug that allows specially crafted emails to force a target's device to connect to a remote URL and transmit the Windows account's Net-NTLMv2 hash.

Microsoft has fixed an actively exploited zero-day vulnerability in Windows SmartScreen that was previously exploited to distribute and install malware.

"An attacker can craft a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging," reads Microsoft's advisory.

Below is the complete list of resolved vulnerabilities and released advisory for the March 2023 Patch Tuesday updates.


News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2023-patch-tuesday-fixes-2-zero-days-83-flaws/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399