Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws Cybernoz March 15, 2023 Posted in Bleeping Computer Tag CVE ID CVE Title Severity Azure CVE-2023-23408 Azure Apache Ambari Spoofing Vulnerability Important Client Server Run-time Subsystem (CSRSS) CVE-2023-23409 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Important Client Server Run-time Subsystem (CSRSS) CVE-2023-23394 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Important Internet Control Message Protocol (ICMP) CVE-2023-23415 Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability Critical Mariner CVE-2023-0567 Unknown Unknown Mariner CVE-2023-20052 Unknown Unknown Mariner CVE-2023-20032 Unknown Unknown Microsoft Bluetooth Driver CVE-2023-23388 Windows Bluetooth Driver Elevation of Privilege Vulnerability Important Microsoft Dynamics CVE-2023-24920 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-24879 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-24919 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-24891 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Dynamics CVE-2023-24922 Microsoft Dynamics 365 Information Disclosure Vulnerability Important Microsoft Dynamics CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-1236 Chromium: CVE-2023-1236 Inappropriate implementation in Internals Unknown Microsoft Edge (Chromium-based) CVE-2023-1235 Chromium: CVE-2023-1235 Type Confusion in DevTools Unknown Microsoft Edge (Chromium-based) CVE-2023-1213 Chromium: CVE-2023-1213 Use after free in Swiftshader Unknown Microsoft Edge (Chromium-based) CVE-2023-24892 Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-1234 Chromium: CVE-2023-1234 Inappropriate implementation in Intents Unknown Microsoft Edge (Chromium-based) CVE-2023-1223 Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill Unknown Microsoft Edge (Chromium-based) CVE-2023-1222 Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API Unknown Microsoft Edge (Chromium-based) CVE-2023-1221 Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API Unknown Microsoft Edge (Chromium-based) CVE-2023-1229 Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts Unknown Microsoft Edge (Chromium-based) CVE-2023-1228 Chromium: CVE-2023-1228 Insufficient policy enforcement in Intents Unknown Microsoft Edge (Chromium-based) CVE-2023-1224 Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API Unknown Microsoft Edge (Chromium-based) CVE-2023-1220 Chromium: CVE-2023-1220 Heap buffer overflow in UMA Unknown Microsoft Edge (Chromium-based) CVE-2023-1216 Chromium: CVE-2023-1216 Use after free in DevTools Unknown Microsoft Edge (Chromium-based) CVE-2023-1215 Chromium: CVE-2023-1215 Type Confusion in CSS Unknown Microsoft Edge (Chromium-based) CVE-2023-1214 Chromium: CVE-2023-1214 Type Confusion in V8 Unknown Microsoft Edge (Chromium-based) CVE-2023-1219 Chromium: CVE-2023-1219 Heap buffer overflow in Metrics Unknown Microsoft Edge (Chromium-based) CVE-2023-1218 Chromium: CVE-2023-1218 Use after free in WebRTC Unknown Microsoft Edge (Chromium-based) CVE-2023-1217 Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting Unknown Microsoft Edge (Chromium-based) CVE-2023-1230 Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs Unknown Microsoft Edge (Chromium-based) CVE-2023-1232 Chromium: CVE-2023-1232 Insufficient policy enforcement in Resource Timing Unknown Microsoft Edge (Chromium-based) CVE-2023-1233 Chromium: CVE-2023-1233 Insufficient policy enforcement in Resource Timing Unknown Microsoft Edge (Chromium-based) CVE-2023-1231 Chromium: CVE-2023-1231 Inappropriate implementation in Autofill Unknown Microsoft Graphics Component CVE-2023-24910 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Office Excel CVE-2023-23398 Microsoft Excel Spoofing Vulnerability Important Microsoft Office Excel CVE-2023-23396 Microsoft Excel Denial of Service Vulnerability Important Microsoft Office Excel CVE-2023-23399 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Outlook CVE-2023-23397 Microsoft Outlook Elevation of Privilege Vulnerability Critical Microsoft Office SharePoint CVE-2023-23395 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft OneDrive CVE-2023-24890 Microsoft OneDrive for iOS Security Feature Bypass Vulnerability Important Microsoft OneDrive CVE-2023-24930 Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability Important Microsoft OneDrive CVE-2023-24882 Microsoft OneDrive for Android Information Disclosure Vulnerability Important Microsoft OneDrive CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24907 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24857 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24868 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24872 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24876 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24913 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24864 Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24866 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24906 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24867 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24863 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24858 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24911 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24870 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24909 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-23406 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-23413 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft PostScript Printer Driver CVE-2023-24856 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft Printer Drivers CVE-2023-24865 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Important Microsoft Printer Drivers CVE-2023-23403 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Important Microsoft Windows Codecs Library CVE-2023-23401 Windows Media Remote Code Execution Vulnerability Important Microsoft Windows Codecs Library CVE-2023-23402 Windows Media Remote Code Execution Vulnerability Important Office for Android CVE-2023-23391 Office for Android Spoofing Vulnerability Important Remote Access Service Point-to-Point Tunneling Protocol CVE-2023-23404 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Critical Role: DNS Server CVE-2023-23400 Windows DNS Server Remote Code Execution Vulnerability Important Role: Windows Hyper-V CVE-2023-23411 Windows Hyper-V Denial of Service Vulnerability Critical Service Fabric CVE-2023-23383 Service Fabric Explorer Spoofing Vulnerability Important Visual Studio CVE-2023-23618 GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability Important Visual Studio CVE-2023-22743 GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability Important Visual Studio CVE-2023-23946 GitHub: CVE-2023-23946 mingit Remote Code Execution Vulnerability Important Visual Studio CVE-2023-22490 GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability Important Windows Accounts Control CVE-2023-23412 Windows Accounts Picture Elevation of Privilege Vulnerability Important Windows Bluetooth Service CVE-2023-24871 Windows Bluetooth Service Remote Code Execution Vulnerability Important Windows Central Resource Manager CVE-2023-23393 Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability Important Windows Cryptographic Services CVE-2023-23416 Windows Cryptographic Services Remote Code Execution Vulnerability Critical Windows Defender CVE-2023-23389 Microsoft Defender Elevation of Privilege Vulnerability Important Windows HTTP Protocol Stack CVE-2023-23392 HTTP Protocol Stack Remote Code Execution Vulnerability Critical Windows HTTP.sys CVE-2023-23410 Windows HTTP.sys Elevation of Privilege Vulnerability Important Windows Internet Key Exchange (IKE) Protocol CVE-2023-24859 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Important Windows Kernel CVE-2023-23420 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-23422 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-23421 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2023-23423 Windows Kernel Elevation of Privilege Vulnerability Important Windows Partition Management Driver CVE-2023-23417 Windows Partition Management Driver Elevation of Privilege Vulnerability Important Windows Point-to-Point Protocol over Ethernet (PPPoE) CVE-2023-23407 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Important Windows Point-to-Point Protocol over Ethernet (PPPoE) CVE-2023-23385 Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability Important Windows Point-to-Point Protocol over Ethernet (PPPoE) CVE-2023-23414 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Important Windows Remote Procedure Call CVE-2023-21708 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical Windows Remote Procedure Call Runtime CVE-2023-23405 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important Windows Remote Procedure Call Runtime CVE-2023-24869 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important Windows Remote Procedure Call Runtime CVE-2023-24908 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important Windows Resilient File System (ReFS) CVE-2023-23419 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Important Windows Resilient File System (ReFS) CVE-2023-23418 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Important Windows Secure Channel CVE-2023-24862 Windows Secure Channel Denial of Service Vulnerability Important Windows SmartScreen CVE-2023-24880 Windows SmartScreen Security Feature Bypass Vulnerability Moderate Windows TPM CVE-2023-1017 CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability Critical Windows TPM CVE-2023-1018 CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability Critical Windows Win32K CVE-2023-24861 Windows Graphics Component Elevation of Privilege Vulnerability Important Source link