Security News > 2023 > March > Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws.
This month's Patch Tuesday fixes two zero-day vulnerabilities actively exploited in attacks.
Microsoft has fixed a Microsoft Outlook privilege elevation bug that allows specially crafted emails to force a target's device to connect to a remote URL and transmit the Windows account's Net-NTLMv2 hash.
Microsoft has fixed an actively exploited zero-day vulnerability in Windows SmartScreen that was previously exploited to distribute and install malware.
"An attacker can craft a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging," reads Microsoft's advisory.
Below is the complete list of resolved vulnerabilities and released advisory for the March 2023 Patch Tuesday updates.
News URL
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)