Security News > 2023 > March > Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws.
This month's Patch Tuesday fixes two zero-day vulnerabilities actively exploited in attacks.
Microsoft has fixed a Microsoft Outlook privilege elevation bug that allows specially crafted emails to force a target's device to connect to a remote URL and transmit the Windows account's Net-NTLMv2 hash.
Microsoft has fixed an actively exploited zero-day vulnerability in Windows SmartScreen that was previously exploited to distribute and install malware.
"An attacker can craft a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging," reads Microsoft's advisory.
Below is the complete list of resolved vulnerabilities and released advisory for the March 2023 Patch Tuesday updates.
News URL
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)