Microsoft Security Update March 2023 | Vulnerability Notifications
Microsoft has recently issued patches for around 80 newly discovered security vulnerabilities on March 14th, 2023. Among these vulnerabilities were two zero-day exploits, namely CVE-2023-23397 and CVE-2023-24880. The severity of these two exploits was rated using the Common Vulnerability Scoring System (CVSS), with scores of 9.8 and 5.1, respectively.
Relevant users are requested to pay attention and update the patch as soon as possible for protection!
Microsoft Outlook Elevation of Privilege Vulnerability | CVE-2023-23397
What is notable about this vulnerability is that the attack complexity is rated as “Low” with no user interaction required, meaning that an attacker can attempt to exploit this vulnerability merely by sending the victim a specifically crafted email or message.
Users Cannot Avoid Attack!!!
The recipient of such a message does not even have to read it, even opening it in the preview is not absolutely necessary.
In addition, this vulnerability is said to only impact Windows-based versions of Outlook. Non-Windows versions such as macOS, iOS, Android and the web-based versions are not said to be affected.
Windows SmartScreen Security Feature Bypass Vulnerability | CVE-2023-24880
CVE-2023-24880 is a vulnerability that could allow an attacker to bypass the Windows SmartScreen functionality. An unauthenticated remote attacker could evade Mark on the Web (MOTW) defenses by convincing a user to open a malicious file, resulting in compromised integrity and availability of the security features of the MOTW Mark.
Other Notable Vulnerabilities
The Microsoft Security Response Center (MSRC) investigates all security vulnerability reports affecting Microsoft products and services, and provides relevant information here, ranked according to severity, and you can directly click to patch according to your needs. This is part of an ongoing effort to help you manage security risks and keep your systems safe.
Patch Update
Due to network problems, computer environment problems, etc., the patch update of Windows Update may fail. After installing the patch, the user should check whether the patch is successfully updated in time.
In Settings, select Update and Security > Windows Update, view the prompt information on this page or click View update history to view the historical update status.
Table of Contents
What We Provide
Managed IT Service
How can we help you?
Call Us, Write Us, Or Knock On Our Door. We are here to help. Thanks for contacting us!
