Microsoft Windows Security Updates March 2023: What you need to know before installation

windows 11
Martin Brinkmann
Mar 14, 2023
Windows Updates
|
6

Welcome to the overview for the March 2023 Microsoft Windows security releases. Microsoft published security updates for all client and server versions of Windows that it supports.

Security updates and non-security updates are already available for Windows and other Microsoft products, including Microsoft Edge and Microsoft Office.

Our monthly overview offers information about all security patches that Microsoft released, including their severity, known issues as confirmed by Microsoft, links to support pages and downloads, and more.

Click here to check out the February 2023 Microsoft Windows Patch Day overview in case you missed it.

Microsoft Windows Security Updates: March 2023

Here is the Excel spreadsheet for the security updates that Microsoft released on the March 2023 Patch Day. A click on the following link downloads the archive to the local system: Microsoft Windows security updates march 2023

Executive Summary

  • Microsoft released security updates for all supported client and server versions of Windows.
  • Security updates are also available for Azure, Microsoft Office, Microsoft Edge, Microsoft printer drivers, Visual Studio, and other company products.
  • The following Windows client version have known issues: Windows 10, version 1809, version 20H2, 21H1 and 22H2, Windows 11 version 22H2.
  • The following Windows server versions have known issues: Windows Server 2008, 2008 R2, 2012, Windows Server 2019, and Windows Server 2022.

Operating System Distribution

  • Windows 10 version 21H2 and 22H2: 52  vulnerabilities, 7 critical and 44 important and 1 moderate
    • CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
    • CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
    • Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
    • Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
  • Windows 11 and Windows 11 version 22H2:  54 vulnerabilities, 8 critical and 45 important and 1 moderate
    • HTTP Protocol Stack Remote Code Execution Vulnerability -- CVE-2023-23392
    • CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
    • CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
    • Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
    • Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416

Windows Server products

  • Windows Server 2008 R2 (extended support only): 20 vulnerabilities: 2 critical and 18 important
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
  • Windows Server 2012 R2: 45 vulnerabilities: 4 critical and 41 important
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
    • Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
  • Windows Server 2016: 51 vulnerabilities: 7 critical and 43 important and 1 moderate.
    • CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
    • CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
    • Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
    • Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416
  • Windows Server 2019: 52 vulnerabilities: 7 critical and 44 important and 1 moderate
    • Same as Windows Server 2016.
  •  Windows Server 2022:  54 vulnerabilities: 8 critical and 45 important and 1 moderate
    • HTTP Protocol Stack Remote Code Execution Vulnerability -- CVE-2023-23392
    • CERT/CC: CVE-2023-1017 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1017
    • CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability -- CVE-2023-1018
    • Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2023-21708
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-23404
    • Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-23411
    • Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability -- CVE-2023-23415
    • Windows Cryptographic Services Remote Code Execution Vulnerability -- CVE-2023-23416

Windows Security Updates

Windows 10 version 21H2 and 22H2

Updates and improvements:

  • The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
  • Security issues.
  • All changes introduced in the February 21, 2023 preview update.

Windows 11 Release version 

Updates and improvements:

  • The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
  • Security issues.

Windows 11 version 22H2  

Updates and improvements:

  • The update implements the third-phase of DCOM (Distributed Component Object Model) hardening. See this support article for more information.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails.
  • Security issues.
  • And all changes introduced in the February 28, 2023 preview update. Check out our Moments 2 update article for the details.

Other security updates

2023-03 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5023713)

2023-03 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5023697)

2023-03 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5023702)

2023-03 Security Only Quality Update for Windows Server 2008 (KB5023754)

2023-03 Security Monthly Quality Rollup for Windows Server 2008 (KB5023755)

2023-03 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5023759)

2023-03 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5023769)

2023-03 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5023752)

2023-03 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5023756)

2023-03 Security Only Quality Update for Windows Server 2012 R2 (KB5023764)

2023-03 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5023765)

2023-03 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5023786)

2023-03 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5023705)

Known Issues

Windows 10 versions 21H2 and 22H2

  • (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.

Windows 11 version 22H2

  • (New) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
    • Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
  • (Old) Updates released on February 14, 2023 or later may not be offered from some WSUS servers to Windows 11 version 22H2.
  • (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
    • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
  • (Old) Copying large files (multiple gigabytes) may take longer than expected.
    • Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.

Security advisories and updates

Non-security updates

Microsoft Office Updates

You find Office update information here.

How to download and install the February 2023 security updates

Home and non-managed devices with Windows receive updates automatically via Windows Update by default. It may take hours and sometimes even longer before updates are offered on some devices. Some administrators may want to expedite the installation of security updates, and this is possible by running manual checks for updates.

Do the following to run a manual check for updates:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 10 Version 21H2

  • KB5023696  -- 2023-03 Cumulative Update for Windows 10 Version 21H2

Windows 10 version 22H2

  • KB5023696  -- 2023-03 Cumulative Update for Windows 10 Version 21H2

Windows 11 Release version

  • KB5023698 -- 2023-03 Cumulative Update for Windows 11
Windows 11 version 22H2
  • KB5023706 -- 2023-03 Cumulative Update for Windows 11 version 22H2

Additional resources

Summary
Article Name
Microsoft Windows Security Updates March 2023: What you need to know before installation
Description
Microsoft released security and non-security updates for all supported versions of Windows on the March 2023 Patch Day.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Related content

Microsoft releases the April 2024 Security Updates for Windows

Overview of the March 2024 Windows Security Updates

The Windows Security Updates for February 2024 are here

Microsoft confirms 0x80070643 error during Windows update installation

Fix 0x80070643 - Error Install Failure when trying to install Windows Update

The first Windows security updates of 2024 are here

Previous Post: «
Next Post: «

Comments

  1. alvaro said on March 27, 2023 at 4:19 pm
    Reply

    Issues with this last KB5023697, when a file is download, cannot be open.

    reddit link: https://www.reddit.com/r/sysadmin/comments/11t3flh/cve202324880_mitigation_kb5023697_blocks/

  2. JJ Massachusetts said on March 16, 2023 at 7:10 pm
    Reply

    Microsoft over rode the settings to install this Cum Update at a time/date of my choosing – AGAIN. The update installed immediately when I tried to power down the PC. Windows 10. ?? WHY?? Very disturbing that MS is over-riding this setting for no reason, with no warning, and with no explanation,

  3. Belga said on March 15, 2023 at 3:08 pm
    Reply

    In the Excel spreadsheet for the security updates, lines 1850 and 1861 : the link directs to KB 5002348 (office 2013 x64) instead of 5002351 (office 2016 x64).

    Thank you for the report Martin !

  4. Fish said on March 15, 2023 at 4:52 am
    Reply

    Hi Martin,

    I feel so very sorry for how popularity of your excellent web has plummeted in spite of all attempts to shore it (done to the contrary). Seriously.

    Oh, well.

  5. Someone said on March 14, 2023 at 9:35 pm
    Reply

    That security updates, made me to get a headace, and that’s why I turned off those, with a 3rd tool app, called “in control” (thanks to gHacks article). Microsoft just maked my 7 yr old pc to get more slow.

    1. Anonymous said on March 15, 2023 at 8:51 am
      Reply

      Don’t forget to take a photo about both sides of your credit card and post it on facebook.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Spread the Word

Hot Discussions

Latest from Softonic

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2024 - All rights reserved
Exit mobile version