Microsoft Windows Security Updates March 2023: What you need to know before installation
Welcome to the overview for the March 2023 Microsoft Windows security releases. Microsoft published security updates for all client and server versions of Windows that it supports.
Security updates and non-security updates are already available for Windows and other Microsoft products, including Microsoft Edge and Microsoft Office.
Our monthly overview offers information about all security patches that Microsoft released, including their severity, known issues as confirmed by Microsoft, links to support pages and downloads, and more.
Click here to check out the February 2023 Microsoft Windows Patch Day overview in case you missed it.
Microsoft Windows Security Updates: March 2023
Here is the Excel spreadsheet for the security updates that Microsoft released on the March 2023 Patch Day. A click on the following link downloads the archive to the local system: Microsoft Windows security updates march 2023
Executive Summary
- Microsoft released security updates for all supported client and server versions of Windows.
- Security updates are also available for Azure, Microsoft Office, Microsoft Edge, Microsoft printer drivers, Visual Studio, and other company products.
- The following Windows client version have known issues: Windows 10, version 1809, version 20H2, 21H1 and 22H2, Windows 11 version 22H2.
- The following Windows server versions have known issues: Windows Server 2008, 2008 R2, 2012, Windows Server 2019, and Windows Server 2022.
Operating System Distribution
- Windows 10 version 21H2 and 22H2: 52 vulnerabilities, 7 critical and 44 important and 1 moderate
- CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
- CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
- Windows 11 and Windows 11 version 22H2: 54 vulnerabilities, 8 critical and 45 important and 1 moderate
- HTTP Protocol Stack Remote Code Execution Vulnerability -- CVE-2023-23392
- CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
- CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
Windows Server products
- Windows Server 2008 R2 (extended support only): 20 vulnerabilities: 2 critical and 18 important
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Server 2012 R2: 45 vulnerabilities: 4 critical and 41 important
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
- Windows Server 2016: 51 vulnerabilities: 7 critical and 43 important and 1 moderate.
- CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
- CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
- Windows Server 2019: 52 vulnerabilities: 7 critical and 44 important and 1 moderate
- Same as Windows Server 2016.
- Windows Server 2022: 54 vulnerabilities: 8 critical and 45 important and 1 moderate
- HTTP Protocol Stack Remote Code Execution Vulnerability -- CVE-2023-23392
- CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
- CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
- Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
- Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
Windows Security Updates
Windows 10 version 21H2 and 22H2
- Support Page: KB5023696
Updates and improvements:
- The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
- This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
- Security issues.
- All changes introduced in the February 21, 2023 preview update.
Windows 11 Release version
- Support Page: KB5023698
Updates and improvements:
- The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
- This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
- Security issues.
Windows 11 version 22H2
- Support Page: KB5023706
Updates and improvements:
- The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
- This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
- Security issues.
- And all changes introduced in the February 28, 2023 preview update. Check out our Moments 2 update article for the details.
Other security updates
2023-03 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5023713)
2023-03 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5023697)
2023-03 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5023702)
2023-03 Security Only Quality Update for Windows Server 2008 (KB5023754)
2023-03 Security Monthly Quality Rollup for Windows Server 2008 (KB5023755)
2023-03 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5023759)
2023-03 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5023769)
2023-03 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5023752)
2023-03 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5023756)
2023-03 Security Only Quality Update for Windows Server 2012 R2 (KB5023764)
2023-03 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5023765)
2023-03 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5023786)
2023-03 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5023705)
Known Issues
Windows 10 versions 21H2 and 22H2
- (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
- Workaround described on the support page.
Windows 11 version 22H2
- (New) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
- Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
- (Old) Updates released on February 14, 2023 or later may not be offered from some WSUS servers to Windows 11 version 22H2.
- A support page is available on Tech Community that offers a mitigation of the issue.
- (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
- Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
- (Old) Copying large files (multiple gigabytes) may take longer than expected.
- Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.
Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates
Non-security updates
Microsoft Office Updates
You find Office update information here.
How to download and install the February 2023 security updates
Home and non-managed devices with Windows receive updates automatically via Windows Update by default. It may take hours and sometimes even longer before updates are offered on some devices. Some administrators may want to expedite the installation of security updates, and this is possible by running manual checks for updates.
Do the following to run a manual check for updates:
- Select Start, type Windows Update and load the Windows Update item that is displayed.
- Select check for updates to run a manual check for updates.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 Version 21H2
- KB5023696 -- 2023-03 Cumulative Update for Windows 10 Version 21H2
Windows 10 version 22H2
- KB5023696 -- 2023-03 Cumulative Update for Windows 10 Version 21H2
Windows 11 Release version
- KB5023698 -- 2023-03 Cumulative Update for Windows 11
- KB5023706 -- 2023-03 Cumulative Update for Windows 11 version 22H2
Additional resources
- March 2023 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 Update History
- Windows 10 Update History
Issues with this last KB5023697, when a file is download, cannot be open.
reddit link: https://www.reddit.com/r/sysadmin/comments/11t3flh/cve202324880_mitigation_kb5023697_blocks/
Microsoft over rode the settings to install this Cum Update at a time/date of my choosing – AGAIN. The update installed immediately when I tried to power down the PC. Windows 10. ?? WHY?? Very disturbing that MS is over-riding this setting for no reason, with no warning, and with no explanation,
In the Excel spreadsheet for the security updates, lines 1850 and 1861 : the link directs to KB 5002348 (office 2013 x64) instead of 5002351 (office 2016 x64).
Thank you for the report Martin !
Hi Martin,
I feel so very sorry for how popularity of your excellent web has plummeted in spite of all attempts to shore it (done to the contrary). Seriously.
Oh, well.
That security updates, made me to get a headace, and that’s why I turned off those, with a 3rd tool app, called “in control” (thanks to gHacks article). Microsoft just maked my 7 yr old pc to get more slow.
Don’t forget to take a photo about both sides of your credit card and post it on facebook.