March 2023 Security Updates
Updates this Month

This release consists of security updates for the following products, features and roles.

Azure
Client Server Run-time Subsystem (CSRSS)
Internet Control Message Protocol (ICMP)
Microsoft Bluetooth Driver
Microsoft Dynamics
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Office Excel
Microsoft Office Outlook
Microsoft Office SharePoint
Microsoft OneDrive
Microsoft PostScript Printer Driver
Microsoft Printer Drivers
Microsoft Windows Codecs Library
Office for Android
Remote Access Service Point-to-Point Tunneling Protocol
Role: DNS Server
Role: Windows Hyper-V
Service Fabric
Visual Studio
Windows Accounts Control
Windows Bluetooth Service
Windows Central Resource Manager
Windows Cryptographic Services
Windows Defender
Windows HTTP Protocol Stack
Windows HTTP.sys
Windows Internet Key Exchange (IKE) Protocol
Windows Kernel
Windows Partition Management Driver
Windows Point-to-Point Protocol over Ethernet (PPPoE)
Windows Remote Procedure Call
Windows Remote Procedure Call Runtime
Windows Resilient File System (ReFS)
Windows Secure Channel
Windows SmartScreen
Windows TPM
Windows Win32K
Please note the following information regarding the security updates:

Security Update Guide Blog Posts
Date Blog Post
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
December 29, 2022 Security Update Guide Improvement Ė Representing Hotpatch Updates
August 9, 2022 Security Update Guide Notification System News: Create your profile now
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Letís keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Information
The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
FAQs, Mitigations, and Workarounds
The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

CVE-2023-1017
CVE-2023-1018
CVE-2023-1213
CVE-2023-1214
CVE-2023-1215
CVE-2023-1216
CVE-2023-1217
CVE-2023-1218
CVE-2023-1219
CVE-2023-1220
CVE-2023-1221
CVE-2023-1222
CVE-2023-1223
CVE-2023-1224
CVE-2023-1228
CVE-2023-1229
CVE-2023-1230
CVE-2023-1231
CVE-2023-1232
CVE-2023-1233
CVE-2023-1234
CVE-2023-1235
CVE-2023-1236
CVE-2023-21708
CVE-2023-22490
CVE-2023-22743
CVE-2023-23383
CVE-2023-23385
CVE-2023-23388
CVE-2023-23389
CVE-2023-23391
CVE-2023-23392
CVE-2023-23393
CVE-2023-23394
CVE-2023-23395
CVE-2023-23396
CVE-2023-23397
CVE-2023-23398
CVE-2023-23399
CVE-2023-23400
CVE-2023-23401
CVE-2023-23402
CVE-2023-23403
CVE-2023-23404
CVE-2023-23405
CVE-2023-23406
CVE-2023-23407
CVE-2023-23408
CVE-2023-23409
CVE-2023-23410
CVE-2023-23411
CVE-2023-23412
CVE-2023-23413
CVE-2023-23414
CVE-2023-23415
CVE-2023-23416
CVE-2023-23417
CVE-2023-23418
CVE-2023-23419
CVE-2023-23420
CVE-2023-23421
CVE-2023-23422
CVE-2023-23423
CVE-2023-23618
CVE-2023-23946
CVE-2023-24856
CVE-2023-24857
CVE-2023-24858
CVE-2023-24861
CVE-2023-24863
CVE-2023-24864
CVE-2023-24865
CVE-2023-24866
CVE-2023-24867
CVE-2023-24868
CVE-2023-24869
CVE-2023-24870
CVE-2023-24871
CVE-2023-24872
CVE-2023-24876
CVE-2023-24879
CVE-2023-24880
CVE-2023-24882
CVE-2023-24890
CVE-2023-24891
CVE-2023-24892
CVE-2023-24906
CVE-2023-24908
CVE-2023-24909
CVE-2023-24910
CVE-2023-24911
CVE-2023-24913
CVE-2023-24919
CVE-2023-24920
CVE-2023-24921
CVE-2023-24922
CVE-2023-24923
CVE-2023-24930
Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To
5002355 SharePoint Server Subscription Edition
5002396 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
5023702 Windows 10, version 1809, Windows Server 2019
5023705 Windows Server 2022
5023706 Windows 11 version 22H2
5023752 Windows Server 2012 (Security-only update)
5023754 Windows Server 2008 (Security-only update)
5023755 Windows Server 2008 (Monthly Rollup)
5023756 Windows Server 2012 (Monthly Rollup)
5023759 Windows Server 2008 R2 (Security-only update)
5023769 Windows Server 2008 R2 (Monthly Rollup)
Released: Mar 14, 2023
https://msrc.microsoft.com/update-gu...eNote/2023-Mar