Microsoft issues fixes for March’s Patch Tuesday 

Share post:

Microsoft has released its March Patch Tuesday, which includes new fixes for 74 bugs, two of which are already actively exploited, and nine of which are rated critical.

The bugs in each vulnerability category are as follows: 21 Elevation of Privilege Vulnerabilities, 2 Security Feature Bypass Vulnerabilities, and 2 Remote Code Execution Vulnerabilities. There are 27 remote code execution vulnerabilities. 15 Vulnerabilities in Information Disclosure, 4 Vulnerabilities in Denial of Service, 10 Vulnerabilities in Spoofing, and 1 Vulnerability in Edge – Chromium

CVE-2023-23397, a security flaw discovered in Microsoft Outlook, affects all versions of the software from 2013 to the most recent version. According to Microsoft, the vulnerability has been exploited by attackers, who can exploit it without requiring any user interaction. This can be accomplished by sending a specially crafted email that activates automatically when it is retrieved by the email server, even before the email is opened in the Preview Pane.

“External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers’ control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim.,” reads Microsoft’s advisory.

Another vulnerability that was patched is one currently being targeted by attackers is a security feature bypass in Windows SmartScreen (CVE-2023-24880, CVSS score: 5.1). This flaw involves a vulnerability that could be used to bypass Mark-of-the-Web (MotW) protections when opening files downloaded from the internet that are considered untrustworthy. This vulnerability is the result of a recent patch issued by Microsoft to address another SmartScreen bypass vulnerability (CVE-2022-44698, CVSS score: 5.4) that was discovered last year and exploited by attackers to deliver Magniber ransomware for financial gain.

“An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging,” reads Microsoft’s advisory.

The sources for this piece include an article in TheRegister.



Related articles

Microsoft announces enhanced security feature for OneNote

Microsoft has released further information on the increased security measures it is deploying for OneNote in order to...

Russian hacker group steals Emails of NATO officials and diplomats

Since February 2023, a Russian hacking gang known as TA473 or 'Winter Vivern' has targeted unpatched Zimbra endpoints...

Canadian cybersecurity accelerator counts its accomplishments

A Canadian university-associated business accelerator for helping early-stage cybersecurity companies says its first two years of operation have been more than satisfactory. The Rogers Cybersecure Catalyst Accelerator has had “an incredible impact” on Canadian cybersecurity entrepreneurs and founders, executive director Charles Finlay said this week in the first report on the program’s progress. Despite having

Crackdown on ransomware gangs yet to show an impact: OpenText

In its annual cybersecurity report OpenText also looked at malware, phishing and infec

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways