Â
Microsoft has released March 2023 Security Update. The list of security updates is quite long and affects many components of Windows and applications, some of them are:
Visual studio
Windows HTTP Protocol stack
Windows Internet Key Exchange (IKE) Protocol
Microsoft Office Outlook
Microsoft Office Excel
Take into consideration that "Windows 10 updates are cumulative, and that this monthly security release includes all security patches for vulnerabilities that affect Windows 10, in addition to non-security updates", according to information provided by Microsoft on the Release Note.
Some of the more important and critical CVEs addressed are:
CVE-2023-1018 - TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-1017 - TPM2.0 Module Library Elevation of Privilege Vulnerability
CVE-2023-23393 - Windows Broker Infrastructure Service Elevation of Privilege Vulnerability
CVE-2023-23404 - Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-23398 - Microsoft Excel Spoofing Vulnerability
CVE-2023-23411 - Windows Hyper-V Denial of Service Vulnerability
CVE-2023-23416 - Windows Cryptographic Services Remote Code Execution Vulnerability
To read the whole list of CVEs addressed, go to the Microsoft March 2023 Release Note.