Overview
On March 15, NSFOCUS CERT monitored that Microsoft had released a security update patch for March, which fixed 82 security issues, involving widely used products such as Windows Hyper-V, Microsoft Outlook, Windows HTTP Protocol Stack, Microsoft Graphics, Microsoft Excel, etc., including high-risk vulnerability types such as privilege enhancement, remote code execution, etc.
Among the vulnerabilities fixed in Microsoft’s monthly update this month, there are 9 critical vulnerabilities and 69 important vulnerabilities, including 2 0day vulnerabilities:
Microsoft Outlook Privilege Escalation Vulnerability (CVE-2023-23397)
Windows SmartScreen security feature bypass vulnerability (CVE-2023-24880)
Relevant users are requested to update the patch for protection as soon as possible. Please refer to the appendix for a complete list of vulnerabilities.
Reference link: https://msrc.microsoft.com/update-guide/releaseNote/2023-Mar
Key Vulnerabilities
According to the popularity of the product and the importance of the vulnerability, the vulnerability with greater impact is screened out in this update. Relevant users should pay attention:
Microsoft Outlook privilege escalation vulnerability (CVE-2023-23397):
Microsoft Outlook has a privilege escalation vulnerability. An unauthenticated attacker sends a specially-crafted email to cause the victim to connect to the external UNC location controlled by the attacker, causing the victim’s Net-NTLMv2 hash to be disclosed to the attacker, and the subsequent attacker can relay it to another service and authenticate as the victim to finally achieve privilege escalation. In addition, Microsoft’s official prompt: the specially-crafted email sent by the attacker can be automatically triggered when the Outlook client retrieves and processes it. At present, it has been detected that the vulnerability has been exploited in the wild, and the CVSS score is 9.8.
Official announcement link: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397
Windows SmartScreen security feature bypass vulnerability (CVE-2023-24880):
There is a security function bypass vulnerability in Windows SmartScreen. An unauthenticated remote attacker can induce users to open malicious files. An attacker who successfully exploits this vulnerability can evade the Web Tag (MOTW) defense, thus damaging the integrity and availability of the security function of the MOTW tag. At present, the vulnerability has been publicly disclosed and has been detected to be exploited in the wild. The CVSS score is 5.4.
Official announcement link: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24880
Internet Control Message Protocol (ICMP) remote code execution vulnerability (CVE-2023-23415):
There is a remote code execution vulnerability in Internet Control Message Protocol (ICMP). When the target host runs an application bound to the original socket, an unauthenticated remote attacker can send low-level protocol errors to the target host to exploit this vulnerability, and finally execute arbitrary code on the target system. The CVSS score is 9.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
HTTP protocol stack remote execution code vulnerability (CVE-2023-23392):
There is a remote code execution vulnerability in the HTTP protocol stack (HTTP. sys). When HTTP/3 is enabled on the server and buffered I/O is used, an unauthenticated attacker can execute arbitrary code by sending a specially crafted HTTP packet to the target server. The CVSS score is 9.8.
The Windows HTTP protocol stack (HTTP. sys) is the kernel driver for handling HTTP requests in the Windows operating system. It is commonly used in the communication between Web browsers and Web servers, as well as in Internet Information Services (IIS).
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23392
Remote Procedure Call Runtime remote code execution vulnerability (CVE-2023-21708):
There is a remote code execution vulnerability in the Remote Procedure Call Runtime. An unauthenticated remote attacker can finally execute code on the server with the same permissions as the RPC service by sending a crafted RPC call to the RPC host. In addition, Microsoft officially recommends blocking TCP 135 port on the enterprise peripheral firewall to reduce the potential attack of this vulnerability. The CVSS score is 9.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21708
Windows Cryptographic Services Remote Code Execution Vulnerability (CVE-2023-23416):
There is a remote code execution vulnerability in Windows Cryptographic Services. The attacker first needs to upload the malicious certificate to the service that processes or imports the certificate, or persuade the authenticated user to import the malicious certificate on his own system. An attacker without authentication can finally execute arbitrary code with user privileges on the target system by exploiting this vulnerability. The CVSS score is 8.4.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23416
Windows Point-to-Point Tunneling Protocol remote code execution vulnerability (CVE-2023-23404):
Windows point-to-point tunneling protocol has a remote code execution vulnerability. Unauthenticated remote attackers can finally implement remote code execution on the server side without user interaction by sending a special connection request to the RAS server. The CVSS score is 8.1.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23404
Windows Hyper-V denial of service vulnerability (CVE-2023-23411):
Windows Hyper-V is Microsoft’s local hypervisor. There is a denial-of-service vulnerability in this product. An attacker with low privileges can use this vulnerability to cause a denial-of-service attack on the Hyper-V host. The CVSS score is 6.5.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23411
Scope of Impact
The following are some affected product versions that focus on vulnerabilities. For the scope of other products affected by vulnerabilities, please refer to the official announcement link.
| Vulnerability number | Affected product version |
| CVE-2023-23397 | Microsoft Outlook 2016 (64-bit edition) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Office 2019 for 32-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Office 2019 for 64-bit editions Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC 2021 for 64-bit editions Microsoft Outlook 2016 (32-bit edition) Microsoft Office LTSC 2021 for 32-bit editions |
| CVE-2023-24880 | Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems |
| CVE-2023-23415 CVE-2023-21708 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2023-23392 | Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 |
| CVE-2023-23416 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2023-23404 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2023-23411 | Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems |
Mitigation
At present, Microsoft has officially released a security patch to fix the above vulnerabilities for the supported product versions. It is strongly recommended that the affected users install the patch for protection as soon as possible. The official download link: https://msrc.microsoft.com/update-guide/releaseNote/2023-Mar
Note: Due to network problems, computer environment problems and other reasons, the patch update of Windows Update may fail. After installing the patch, users should check whether the patch is successfully updated.
Right-click the Windows icon, select “Settings”, select “Update and Security” – “Windows Update” to view the prompt information on this page, or click “View Update History” to view the historical updates.
For updates that have not been successfully installed, you can click the update name to jump to the official download page of Microsoft. It is recommended that users click the link on this page and go to the “Microsoft Update Directory” website to download and install the independent package.
Appendix: Vulnerability List
| Impact products | CVE No | Vulnerability Title | Severity |
| Internet Control Message Protocol (ICMP) | CVE-2023-23415 | Internet Control Message Protocol (ICMP) remote code execution vulnerability | Critical |
| Microsoft Office Outlook | CVE-2023-23397 | Microsoft Outlook Privilege Escalation Vulnerability | Critical |
| Remote Access Service Point-to-Point Tunneling Protocol | CVE-2023-23404 | Windows Point to Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2023-23411 | Windows Hyper-V Denial of Service Vulnerability | Critical |
| Windows Cryptographic Services | CVE-2023-23416 | Windows Encryption Service Remote Code Execution Vulnerability | Critical |
| Windows HTTP Protocol Stack | CVE-2023-23392 | HTTP protocol stack remote code execution vulnerability | Critical |
| Windows Remote Procedure Call | CVE-2023-21708 | Remote procedure call runtime remote code execution vulnerability | Critical |
| Windows TPM | CVE-2023-1017 | CERT/CC: CVE-2023-1017 TPM2.0 module library privilege escalation vulnerability | Critical |
| Windows TPM | CVE-2023-1018 | CERT/CC: CVE-2023-1018 TPM2.0 module library privilege escalation vulnerability | Critical |
| Azure | CVE-2023-23408 | Azure Apache Ambari spoofing vulnerability | Important |
| Client Server Run-time Subsystem (CSRSS) | CVE-2023-23409 | Client Server Runtime Subsystem (CSRSS) Information Disclosure Vulnerability | Important |
| Client Server Run-time Subsystem (CSRSS) | CVE-2023-23394 | Client Server Runtime Subsystem (CSRSS) Information Disclosure Vulnerability | Important |
| Microsoft Bluetooth Driver | CVE-2023-23388 | Windows Bluetooth driver privilege escalation vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24920 | Microsoft Dynamics 365 (on premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24879 | Microsoft Dynamics 365 (on premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24919 | Microsoft Dynamics 365 (on premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24891 | Microsoft Dynamics 365 (on premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24922 | Microsoft Dynamics 365 Information Disclosure Vulnerability | Important |
| Microsoft Dynamics | CVE-2023-24921 | Microsoft Dynamics 365 (on premises) Cross-site Scripting Vulnerability | Important |
| Microsoft Graphics Component | CVE-2023-24910 | Windows Graphics Component Privilege Escalation Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-23398 | Microsoft Excel Spoofing Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-23396 | Microsoft Excel Denial of Service Vulnerability | Important |
| Microsoft Office Excel | CVE-2023-23399 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2023-23395 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft OneDrive | CVE-2023-24890 | Microsoft OneDrive for iOS Security Feature Bypass Vulnerability | Important |
| Microsoft OneDrive | CVE-2023-24930 | Microsoft OneDrive for MacOS Privilege Escalation Vulnerability | Important |
| Microsoft OneDrive | CVE-2023-24882 | Microsoft OneDrive for Android Information Disclosure Vulnerability | Important |
| Microsoft OneDrive | CVE-2023-24923 | Microsoft OneDrive for Android Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24907 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24857 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24868 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24872 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24876 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24913 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24864 | Microsoft PostScript and PCL6 Class Printer Driver Privilege Escalation Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24866 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24906 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24867 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24863 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24858 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24911 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24870 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24909 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-23406 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-23413 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft PostScript Printer Driver | CVE-2023-24856 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft Printer Drivers | CVE-2023-24865 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Important |
| Microsoft Printer Drivers | CVE-2023-23403 | Microsoft PostScript and PCL6 Printer Driver Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2023-23401 | Windows Media Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2023-23402 | Windows Media Remote Code Execution Vulnerability | Important |
| Office for Android | CVE-2023-23391 | Office for Android spoofing vulnerability | Important |
| Role: DNS Server | CVE-2023-23400 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Service Fabric | CVE-2023-23383 | Service Fabric Explorer spoofing vulnerability | Important |
| Visual Studio | CVE-2023-23618 | GitHub: CVE-2023-23618 Git for Windows Remote Code Execution Vulnerability | Important |
| Visual Studio | CVE-2023-22743 | GitHub: CVE-2023-22743 Git for Windows Installer Privilege Escalation Vulnerability | Important |
| Visual Studio | CVE-2023-23946 | GitHub: CVE-2023-23946 minit remote code execution vulnerability | Important |
| Visual Studio | CVE-2023-22490 | GitHub: CVE-2023-22490 Mingit Information Disclosure Vulnerability | Important |
| Windows Accounts Control | CVE-2023-23412 | Windows Account Picture Privilege Escalation Vulnerability | Important |
| Windows Bluetooth Service | CVE-2023-24871 | Windows Bluetooth Service Remote Code Execution Vulnerability | Important |
| Windows Central Resource Manager | CVE-2023-23393 | Windows BrokerInfrastructure Service Privilege Escalation Vulnerability | Important |
| Windows Defender | CVE-2023-23389 | Microsoft Defender Privilege Escalation Vulnerability | Important |
| Windows HTTP.sys | CVE-2023-23410 | Windows HTTP.sys Privilege Escalation Vulnerability | Important |
| Windows Internet Key Exchange (IKE) Protocol | CVE-2023-24859 | Windows Internet Key Exchange (IKE) Extended Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2023-23420 | Windows kernel privilege escalation vulnerability | Important |
| Windows Kernel | CVE-2023-23422 | Windows kernel privilege escalation vulnerability | Important |
| Windows Kernel | CVE-2023-23421 | Windows kernel privilege escalation vulnerability | Important |
| Windows Kernel | CVE-2023-23423 | Windows kernel privilege escalation vulnerability | Important |
| Windows Partition Management Driver | CVE-2023-23417 | Windows Partition Management Driver Privilege Escalation Vulnerability | Important |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) | CVE-2023-23407 | Windows Ethernet Point-to-Point Protocol (PPPoE) Remote Code Execution Vulnerability | Important |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) | CVE-2023-23385 | Windows Ethernet Point-to-Point Protocol (PPPoE) Privilege Escalation Vulnerability | Important |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) | CVE-2023-23414 | Windows Ethernet Point-to-Point Protocol (PPPoE) Remote Code Execution Vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2023-23405 | Remote procedure call runtime remote code execution vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2023-24869 | Remote procedure call runtime remote code execution vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2023-24908 | Remote procedure call runtime remote code execution vulnerability | Important |
| Windows Resilient File System (ReFS) | CVE-2023-23419 | Windows Resilient File System (ReFS) Privilege Escalation Vulnerability | Important |
| Windows Resilient File System (ReFS) | CVE-2023-23418 | Windows Resilient File System (ReFS) Privilege Escalation Vulnerability | Important |
| Windows Secure Channel | CVE-2023-24862 | Windows Secure Channel Denial of Service Vulnerability | Important |
| Windows Win32K | CVE-2023-24861 | Windows Graphics Component Privilege Escalation Vulnerability | Important |
| Windows SmartScreen | CVE-2023-24880 | Windows SmartScreen security feature bypass vulnerability | Moderate |
| Mariner | CVE-2023-0567 | unknown | Unknown |
| Mariner | CVE-2023-20052 | unknown | Unknown |
| Mariner | CVE-2023-20032 | unknown | Unknown |
Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).
A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.
