Microsoft issues fixes for March’s Patch Tuesday 

Share post:

Microsoft has released its March Patch Tuesday, which includes new fixes for 74 bugs, two of which are already actively exploited, and nine of which are rated critical.

The bugs in each vulnerability category are as follows: 21 Elevation of Privilege Vulnerabilities, 2 Security Feature Bypass Vulnerabilities, and 2 Remote Code Execution Vulnerabilities. There are 27 remote code execution vulnerabilities. 15 Vulnerabilities in Information Disclosure, 4 Vulnerabilities in Denial of Service, 10 Vulnerabilities in Spoofing, and 1 Vulnerability in Edge – Chromium

CVE-2023-23397, a security flaw discovered in Microsoft Outlook, affects all versions of the software from 2013 to the most recent version. According to Microsoft, the vulnerability has been exploited by attackers, who can exploit it without requiring any user interaction. This can be accomplished by sending a specially crafted email that activates automatically when it is retrieved by the email server, even before the email is opened in the Preview Pane.

“External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers’ control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim.,” reads Microsoft’s advisory.

Another vulnerability that was patched is one currently being targeted by attackers is a security feature bypass in Windows SmartScreen (CVE-2023-24880, CVSS score: 5.1). This flaw involves a vulnerability that could be used to bypass Mark-of-the-Web (MotW) protections when opening files downloaded from the internet that are considered untrustworthy. This vulnerability is the result of a recent patch issued by Microsoft to address another SmartScreen bypass vulnerability (CVE-2022-44698, CVSS score: 5.4) that was discovered last year and exploited by attackers to deliver Magniber ransomware for financial gain.

“An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging,” reads Microsoft’s advisory.

The sources for this piece include an article in TheRegister.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways