Published: March 21, 2023

Overview

Microsoft has released their monthly Tuesday patch on March 14th. The updates contain security updates and fixes for 83 flaws. The update contains fixes for nine vulnerabilities which have been classified as Critical for allowing Remote Code Execution, Elevation of Privilege attacks and/or Denial of Service attacks. This patch contains fixes for two zero-day vulnerabilities: 

  1. CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability (CVSS Score of 9.8 with Severity- Critical) This bug is critical as no user interaction is required. A malicious email to Microsoft Outlook inbox can lead to exposure of sensitive credential hashes.
  2. CVE-2023-24880 - Windows SmartScreen Security Feature Bypass Vulnerability (CVSS Score of 5.4 with Severity- Moderate). A malicious file that would evade Mark of the Web (MOTW) defenses and could result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.

Best Practices

We recommend this patch be installed as soon as possible to avoid exploitation of these vulnerabilities in your environment.

Netsurion Detection and Response

Our security experts have determined that no Netsurion product or service have been found to be impacted by all these vulnerabilities. However, as per our security practices, we have installed these in our environment.
 

References:

Cybersecurity Updates
Latest Advisory Alerts

Palo Alto PAN-OS Command Injection Vulnerability

D-Link NAS Command Injection Vulnerability

VMware ESXi, Workstation, and Fusion Vulnerabilities

Latest Data Source Integrations

AWS Key Management Service (KMS)

Have I Been Pwned

SentinelOne

Latest Enhancements

Netsurion Open XDR Now Supports PCI DSS 4.0

Extended Data Source Integrations and Alerts Released for Essentials

Enriched Application Control in Open XDR 9.4