March Patch Tuesday Updates Bring New Windows 11 Features and Fixes for 74 Vulnerabilities

Windows 11 PC with Bloom

Microsoft has just released the March 2023 Patch Tuesday updates for Windows 11 and Windows 10. For Windows 11 users, today marks the public rollout of the “Moment 2” feature update that brings a new search box to the taskbar and many other new features. 

On the security front, this month’s Patch Tuesday updates include fixes for 74 vulnerabilities in Windows and other components. Two of them are currently being exploited by attackers, including an Outlook spoofing vulnerability. 

74 vulnerabilities fixed in the March Patch Tuesday updates

Here are the most critical vulnerabilities fixed with this month’s Patch Tuesday updates:

  • CVE-2023-23397: This Microsoft Outlook Elevation of Privilege Vulnerability is already being exploited by attackers sending specially crafted emails that are triggered automatically when they’re retrieved and processed by the email server.
  • CVE-2023-24880: This Windows SmartScreen Security Feature Bypass Vulnerability has been publicly disclosed and is also being exploited by attackers. It requires a malicious malicious file that would evade Mark of the Web (MOTW) defenses.
  • CVE-2023-23392: This HTTP Protocol Stack Remote Code Execution Vulnerability could allow an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
  • CVE-2023-23415: This Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability could allow an attacker to send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine.
  • CVE-2023-23411: This Windows Hyper-V Denial of Service Vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.

You can find the full list of CVEs included in this month’s Patch Tuesday below:

ProductImpactMax SeverityArticleDownloadDetails
Windows 11 Version 22H2 for x64-based SystemsRemote Code ExecutionCritical5023706Security UpdateCVE-2023-23392
Windows 10 for x64-based SystemsElevation of PrivilegeCritical5023713Security UpdateCVE-2023-1018
Windows 10 Version 22H2 for x64-based SystemsElevation of PrivilegeCritical5023696Security UpdateCVE-2023-1018
Windows Server 2012 R2Information DisclosureImportant5023765Monthly RollupCVE-2023-24911
Windows Server 2012 R2Information DisclosureImportant5023764Security OnlyCVE-2023-24911
Windows Server 2012 (Server Core installation)Information DisclosureImportant5023756Monthly RollupCVE-2023-24911
Windows Server 2012 (Server Core installation)Information DisclosureImportant5023752Security OnlyCVE-2023-24911
Windows Server 2012Information DisclosureImportant5023756Monthly RollupCVE-2023-24911
Windows Server 2012Information DisclosureImportant5023752Security OnlyCVE-2023-24911
Windows Server 2016 (Server Core installation)Information DisclosureImportant5023697Security UpdateCVE-2023-24911
Windows Server 2016Information DisclosureImportant5023697Security UpdateCVE-2023-24911
Windows 10 Version 1607 for x64-based SystemsInformation DisclosureImportant5023697Security UpdateCVE-2023-24911
Windows 10 Version 1607 for 32-bit SystemsInformation DisclosureImportant5023697Security UpdateCVE-2023-24870
Windows 10 for 32-bit SystemsInformation DisclosureImportant5023713Security UpdateCVE-2023-24870
Windows 10 Version 22H2 for 32-bit SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 10 Version 22H2 for ARM64-based SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 11 Version 22H2 for ARM64-based SystemsInformation DisclosureImportant5023706Security UpdateCVE-2023-24870
Windows 10 Version 21H2 for x64-based SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 10 Version 21H2 for ARM64-based SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 10 Version 21H2 for 32-bit SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 11 version 21H2 for ARM64-based SystemsInformation DisclosureImportant5023698Security UpdateCVE-2023-24870
Windows 11 version 21H2 for x64-based SystemsInformation DisclosureImportant5023698Security UpdateCVE-2023-24870
Windows 10 Version 20H2 for ARM64-based SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows 10 Version 20H2 for 32-bit SystemsInformation DisclosureImportant5023696Security UpdateCVE-2023-24870
Windows Server 2022 (Server Core installation)Security Feature BypassModerate5023705Security UpdateCVE-2023-24880
Windows Server 2022 (Server Core installation)Security Feature BypassModerate5023786AzureHotpatchCVE-2023-24880
Windows Server 2022Security Feature BypassModerate5023705Security UpdateCVE-2023-24880
Windows Server 2022Security Feature BypassModerate5023786AzureHotpatchCVE-2023-24880
Windows 10 Version 20H2 for x64-based SystemsRemote Code ExecutionImportant5023696Security UpdateCVE-2023-24876
Windows Server 2019 (Server Core installation)Remote Code ExecutionImportant5023702Security UpdateCVE-2023-24876
Windows Server 2019Remote Code ExecutionImportant5023702Security UpdateCVE-2023-24876
Windows 10 Version 1809 for ARM64-based SystemsRemote Code ExecutionImportant5023702Security UpdateCVE-2023-24876
Windows 10 Version 1809 for x64-based SystemsElevation of PrivilegeImportant5023702Security UpdateCVE-2023-24910
Windows 10 Version 1809 for 32-bit SystemsElevation of PrivilegeImportant5023702Security UpdateCVE-2023-24910
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionImportant5023765Monthly RollupCVE-2023-24909
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionImportant5023764Security OnlyCVE-2023-24909
Microsoft Visual Studio 2022 version 17.5Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23946
Microsoft Visual Studio 2022 version 17.4Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23618
Microsoft Visual Studio 2022 version 17.0Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23618
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23618
Microsoft Visual Studio 2022 version 17.2Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23618
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8)Remote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2023-23618
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5023769Monthly RollupCVE-2023-24869
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5023759Security OnlyCVE-2023-24869
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5023769Monthly RollupCVE-2023-24869
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5023759Security OnlyCVE-2023-24869
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5023755Monthly RollupCVE-2023-24869
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5023754Security OnlyCVE-2023-24869
Azure Service Fabric 9.1 for UbuntuSpoofingImportantRelease NotesSecurity UpdateCVE-2023-23383
Azure Service Fabric 9.1 for WindowsSpoofingImportantRelease NotesSecurity UpdateCVE-2023-23383
Microsoft Dynamics 365 (on-premises) version 9.0SpoofingImportant5023506Security UpdateCVE-2023-24891
Microsoft Dynamics 365 (on-premises) version 9.1SpoofingImportant5023505Security UpdateCVE-2023-24891
OneDrive for iOSSecurity Feature BypassImportantApp StoreSecurity UpdateCVE-2023-24890
Windows Server 2008 for x64-based Systems Service Pack 2Remote Code ExecutionImportant5023755Monthly RollupCVE-2023-24869
Windows Server 2008 for x64-based Systems Service Pack 2Remote Code ExecutionImportant5023754Security OnlyCVE-2023-24869
OneDrive for MacOS InstallerElevation of PrivilegeImportantApp StoreSecurity UpdateCVE-2023-24930
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5023755Monthly RollupCVE-2023-24869
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5023754Security OnlyCVE-2023-24869
Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code ExecutionImportant5023755Monthly RollupCVE-2023-24869
Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code ExecutionImportant5023754Security OnlyCVE-2023-24869
Microsoft Edge (Chromium-based)SpoofingImportantRelease NotesSecurity UpdateCVE-2023-24892
OneDrive for AndroidInformation DisclosureImportantApp StoreSecurity UpdateCVE-2023-24882
Microsoft Office for UniversalElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2023-24910
Microsoft Office for AndroidElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2023-24910
Microsoft Office LTSC for Mac 2021Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2023-24910
Microsoft Office 2019 for MacElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2023-24910
Azure HDInsightsSpoofingImportantRelease NotesSecurity UpdateCVE-2023-23408
Microsoft Outlook 2016 (64-bit edition)Elevation of PrivilegeCritical5002254Security UpdateCVE-2023-23397
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)Elevation of PrivilegeCritical5002265Security UpdateCVE-2023-23397
Microsoft Outlook 2013 RT Service Pack 1Elevation of PrivilegeCritical5002265Security UpdateCVE-2023-23397
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)Elevation of PrivilegeCritical5002265Security UpdateCVE-2023-23397
Microsoft Office 2019 for 32-bit editionsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft 365 Apps for Enterprise for 32-bit SystemsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft Office 2019 for 64-bit editionsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft 365 Apps for Enterprise for 64-bit SystemsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft Office LTSC 2021 for 64-bit editionsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft Outlook 2016 (32-bit edition)Elevation of PrivilegeCritical5002254Security UpdateCVE-2023-23397
Microsoft Office LTSC 2021 for 32-bit editionsElevation of PrivilegeCriticalClick to RunSecurity UpdateCVE-2023-23397
Microsoft Office Web Apps Server 2013 Service Pack 1Remote Code ExecutionImportant5002362Security UpdateCVE-2023-23399
Microsoft Office 2013 Service Pack 1 (64-bit editions)Remote Code ExecutionImportant5002198Security UpdateCVE-2023-23399
Microsoft Office 2013 Service Pack 1 (32-bit editions)Remote Code ExecutionImportant5002198Security UpdateCVE-2023-23399
Microsoft Office 2013 RT Service Pack 1Remote Code ExecutionImportant5002198Security UpdateCVE-2023-23399
Microsoft Excel 2013 Service Pack 1 (64-bit editions)Remote Code ExecutionImportant5002348Security UpdateCVE-2023-23399
Microsoft Excel 2013 Service Pack 1 (32-bit editions)Remote Code ExecutionImportant5002348Security UpdateCVE-2023-23399
Microsoft Excel 2013 RT Service Pack 1Remote Code ExecutionImportant5002348Security UpdateCVE-2023-23399
Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant5002197Security UpdateCVE-2023-23399
Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant5002197Security UpdateCVE-2023-23399
Microsoft Excel 2016 (64-bit edition)Remote Code ExecutionImportant5002351Security UpdateCVE-2023-23399
Microsoft Excel 2016 (32-bit edition)Remote Code ExecutionImportant5002351Security UpdateCVE-2023-23399
Microsoft Office Online ServerRemote Code ExecutionImportant5002356Security UpdateCVE-2023-23399
Microsoft SharePoint Foundation 2013 Service Pack 1SpoofingImportant5002367Security UpdateCVE-2023-23395
Microsoft SharePoint Foundation 2013 Service Pack 1SpoofingImportant5002168Security UpdateCVE-2023-23395
Microsoft SharePoint Server Subscription EditionSpoofingImportant5002355Security UpdateCVE-2023-23395
Microsoft SharePoint Server 2019SpoofingImportant5002358Security UpdateCVE-2023-23395
Microsoft SharePoint Enterprise Server 2013 Service Pack 1SpoofingImportant5002366Cumulative UpdateCVE-2023-23395
Microsoft SharePoint Enterprise Server 2013 Service Pack 1SpoofingImportant5002367Security UpdateCVE-2023-23395
Microsoft SharePoint Enterprise Server 2013 Service Pack 1SpoofingImportant5002168Security UpdateCVE-2023-23395
Microsoft SharePoint Enterprise Server 2016SpoofingImportant5002368Security UpdateCVE-2023-23395
Microsoft Malware Protection EngineElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2023-23389

Quality and experience updates

I’ve previously detailed all the new features included in the “Moment 2” update for Windows 11 version 22H2 last month, but here’s a summary of all the new features in this update:

  • There’s a new search box in the taskbar for using Windows Search
  • The taskbar is now optimized for 2-in-1 devices with new “Expanded” and “Collapsed” states
  • On Windows on ARM devices that support Windows Studio Effects, these options are now accessible from Quick Settings in the taskbar
  • The Start Menu now displays recommended files on Azure AD joined devices
  • Support for new Braille devices and Voice Access improvements.
  • Task Manager now lets users filter processes
  • The Quick Assist app is now accessible from the All Apps list in the Start Menu
  • The Settings app has a new section with Energy Recommendations.

For IT pros managing Windows Updates via Windows Update or WSUS, a new client policy now allows them to control the availability of new features introduced via servicing. Moreover, Microsoft said that new features that may be disruptive such as the new touch-optimized taskbar are disabled by default on managed devices. 

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

If you have any problems with this month’s patches, please let us know in the comments below. Other readers might be able to share their experiences in how to roll back problematic updates or mitigate issues caused by patches that are important to have in place.