Windows 10: microsoft May 2023 Security Updates

May 2023 Security UpdatesThis release consists of the following 40 Microsoft CVEs:We are republising 9 non-Microsoft CVEs:CNA Tag CVE FAQs? Workarounds? Mitigations?Chrome Microsoft Edge Chromium-based CVE-2023-2459 Yes No NoChrome Microsoft Edge Chromium-based CVE-2023-2460 Yes No NoChrome Microsoft Edge Chromium-based CVE-2023-2462 Yes No NoChrome Microsoft Edge Chromium-based CVE-2023-2463 Yes No NoChrome Microsoft Edge Chromium-based CVE-2023-2464 Yes No NoChrome Microsoft Edge Ch

:)

 

Microsoft April 2023 Security Updates

April 2023 Security Updates
Updates this Month
This release consists of security updates for the following products, features and roles.

.NET Core
Azure Machine Learning
Azure Service Connector
Microsoft Bluetooth Driver
Microsoft Defender for Endpoint
Microsoft Dynamics
Microsoft Dynamics 365 Customer Voice
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Message Queuing
Microsoft Office
Microsoft Office Publisher
Microsoft Office SharePoint
Microsoft Office Word
Microsoft PostScript Printer Driver
Microsoft Printer Drivers
Microsoft WDAC OLE DB provider for SQL
Microsoft Windows DNS
Visual Studio
Visual Studio Code
Windows Active Directory
Windows ALPC
Windows Ancillary Function Driver for WinSock
Windows Boot Manager
Windows Clip Service
Windows CNG Key Isolation Service
Windows Common Log File System Driver
Windows DHCP Server
Windows Enroll Engine
Windows Error Reporting
Windows Group Policy
Windows Internet Key Exchange (IKE) Protocol
Windows Kerberos
Windows Kernel
Windows Layer 2 Tunneling Protocol
Windows Lock Screen
Windows Netlogon
Windows Network Address Translation (NAT)
Windows Network File System
Windows Network Load Balancing
Windows NTLM
Windows PGM
Windows Point-to-Point Protocol over Ethernet (PPPoE)
Windows Point-to-Point Tunneling Protocol
Windows Raw Image Extension
Windows RDP Client
Windows Registry
Windows RPC API
Windows Secure Boot
Windows Secure Channel
Windows Secure Socket Tunneling Protocol (SSTP)
Windows Transport Security Layer (TLS)
Windows Win32K
Please note the following information regarding the security updates:

Security Update Guide Blog Posts
Date Blog Post
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Information
The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
FAQs, Mitigations, and Workarounds
The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

CVE-2023-21554
CVE-2023-21727
CVE-2023-21729
CVE-2023-23375
CVE-2023-23384
CVE-2023-24860
CVE-2023-24883
CVE-2023-24884
CVE-2023-24885
CVE-2023-24886
CVE-2023-24887
CVE-2023-24893
CVE-2023-24912
CVE-2023-24914
CVE-2023-24924
CVE-2023-24925
CVE-2023-24926
CVE-2023-24927
CVE-2023-24928
CVE-2023-24929
CVE-2023-24935
CVE-2023-28216
CVE-2023-28218
CVE-2023-28219
CVE-2023-28220
CVE-2023-28221
CVE-2023-28222
CVE-2023-28223
CVE-2023-28224
CVE-2023-28225
CVE-2023-28226
CVE-2023-28227
CVE-2023-28228
CVE-2023-28229
CVE-2023-28231
CVE-2023-28232
CVE-2023-28233
CVE-2023-28234
CVE-2023-28235
CVE-2023-28236
CVE-2023-28237
CVE-2023-28238
CVE-2023-28240
CVE-2023-28243
CVE-2023-28244
CVE-2023-28246
CVE-2023-28247
CVE-2023-28248
CVE-2023-28249
CVE-2023-28250
CVE-2023-28251
CVE-2023-28252
CVE-2023-28253
CVE-2023-28254
CVE-2023-28255
CVE-2023-28256
CVE-2023-28260
CVE-2023-28262
CVE-2023-28263
CVE-2023-28266
CVE-2023-28267
CVE-2023-28268
CVE-2023-28269
CVE-2023-28270
CVE-2023-28271
CVE-2023-28272
CVE-2023-28273
CVE-2023-28274
CVE-2023-28275
CVE-2023-28276
CVE-2023-28277
CVE-2023-28278
CVE-2023-28284
CVE-2023-28285
CVE-2023-28287
CVE-2023-28288
CVE-2023-28291
CVE-2023-28292
CVE-2023-28295
CVE-2023-28296
CVE-2023-28297
CVE-2023-28300
CVE-2023-28301
CVE-2023-28304
CVE-2023-28305
CVE-2023-28306
CVE-2023-28307
CVE-2023-28308
CVE-2023-28309
CVE-2023-28311
CVE-2023-28312
CVE-2023-28313
CVE-2023-28314
Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To
5002375 SharePoint Server Subscription Edition
5025221 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
5025224 Windows 11 version 21H2
5025229 Windows 10, Version 1809, Windows Server 2019
5025230 Windows Server 2022
5025239 Windows 11 version 22H2
5025271 Windows Server 2008 (Monthly Rollup)
5025273 Windows Server 2008 (Security-only update)
5025277 Windows Server 2008 R2 (Security-only update)
5025279 Windows Server 2008 R2 (Monthly Rollup)Released: Apr 11, 2023

https://msrc.microsoft.com/update-gu...eNote/2023-Apr

 

Microsoft February 2023 Security Updates

February 2023 Security Updates

Updates this Month

This release consists of security updates for the following products, features and roles.

• .NET and Visual Studio
• .NET Framework
• 3D Builder
• Azure App Service
• Azure Data Box Gateway
• Azure DevOps
• Azure Machine Learning
• HoloLens
• Internet Storage Name Service
• Microsoft Defender for Endpoint
• Microsoft Defender for IoT
• Microsoft Dynamics
• Microsoft Edge (Chromium-based)
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office OneNote
• Microsoft Office Publisher
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft PostScript Printer Driver
• Microsoft WDAC OLE DB provider for SQL
• Microsoft Windows Codecs Library
• Power BI
• SQL Server
• Visual Studio
• Windows Active Directory
• Windows ALPC
• Windows Common Log File System Driver
• Windows Cryptographic Services
• Windows Distributed File System (DFS)
• Windows Fax and Scan Service
• Windows HTTP.sys
• Windows Installer
• Windows iSCSI
• Windows Kerberos
• Windows MSHTML Platform
• Windows ODBC Driver
• Windows Protected EAP (PEAP)
• Windows SChannel
• Windows Win32K

Please note the following information regarding the security updates:
Security Update Guide Blog Posts

[table][tr]Date Blog Post [/tr] [tr][td]January 6, 2023[/td] [td]Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API[/td] [/tr] [tr][td]December 29, 2022[/td] [td]Security Update Guide Improvement – Representing Hotpatch Updates[/td] [/tr] [tr][td]August 9, 2022[/td] [td]Security Update Guide Notification System News: Create your profile now[/td] [/tr] [tr][td]January 11, 2022[/td] [td]Coming Soon: New Security Update Guide Notification System[/td] [/tr] [tr][td]February 9, 2021[/td] [td]Continuing to Listen: Good News about the Security Update Guide API[/td] [/tr] [tr][td]January 13, 2021[/td] [td]Security Update Guide Supports CVEs Assigned by Industry Partners[/td] [/tr] [tr][td]December 8, 2020[/td] [td]Security Update Guide: Let’s keep the conversation going[/td] [/tr] [tr][td]November 9, 2020[/td] [td]Vulnerability Descriptions in the New Version of the Security Update Guide[/td] [/tr] [/table]
Relevant Information

• The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds

The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

• CVE-2019-15126
• CVE-2023-21528
• CVE-2023-21529
• CVE-2023-21553
• CVE-2023-21564
• CVE-2023-21566
• CVE-2023-21567
• CVE-2023-21568
• CVE-2023-21570
• CVE-2023-21571
• CVE-2023-21572
• CVE-2023-21573
• CVE-2023-21684
• CVE-2023-21685
• CVE-2023-21686
• CVE-2023-21687
• CVE-2023-21688
• CVE-2023-21689
• CVE-2023-21690
• CVE-2023-21691
• CVE-2023-21692
• CVE-2023-21693
• CVE-2023-21694
• CVE-2023-21695
• CVE-2023-21697
• CVE-2023-21699
• CVE-2023-21700
• CVE-2023-21703
• CVE-2023-21704
• CVE-2023-21705
• CVE-2023-21706
• CVE-2023-21707
• CVE-2023-21710
• CVE-2023-21713
• CVE-2023-21714
• CVE-2023-21715
• CVE-2023-21716
• CVE-2023-21717
• CVE-2023-21718
• CVE-2023-21720
• CVE-2023-21721
• CVE-2023-21722
• CVE-2023-21777
• CVE-2023-21778
• CVE-2023-21794
• CVE-2023-21797
• CVE-2023-21798
• CVE-2023-21799
• CVE-2023-21800
• CVE-2023-21801
• CVE-2023-21802
• CVE-2023-21803
• CVE-2023-21804
• CVE-2023-21805
• CVE-2023-21806
• CVE-2023-21807
• CVE-2023-21808
• CVE-2023-21809
• CVE-2023-21812
• CVE-2023-21815
• CVE-2023-21817
• CVE-2023-21820
• CVE-2023-21822
• CVE-2023-21823
• CVE-2023-23374
• CVE-2023-23376
• CVE-2023-23377
• CVE-2023-23378
• CVE-2023-23379
• CVE-2023-23381
• CVE-2023-23382
• CVE-2023-23390

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.
For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).
[table][tr]KB Article Applies To [/tr] [tr][td]5022083[/td] [td]Change in how WPF-based applications render XPS documents[/td] [/tr] [tr][td]5022834[/td] [td]Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2[/td] [/tr] [tr][td]5022840[/td] [td]Windows 10, version 1809, Windows Server 2019[/td] [/tr] [tr][td]5022845[/td] [td]Windows 11 version 22H2[/td] [/tr] [tr][td]5022872[/td] [td]Windows Server 2008 R2 (Monthly Rollup)[/td] [/tr] [tr][td]5022874[/td] [td]Windows Server 2008 R2 (Security-only update)[/td] [/tr] [tr][td]5022890[/td] [td]Windows Server 2008 (Monthly Rollup)[/td] [/tr] [tr][td]5022893[/td] [td]Windows Server 2008 (Security-only update)[/td] [/tr] [tr][td]5022894[/td] [td]Windows Server 2012 R2 (Security-only update)[/td] [/tr] [tr][td]5022895[/td] [td]Windows Server 2012 (Security-only update)[/td] [/tr] [tr][td]5022899[/td] [td]Windows Server 2012 R2 (Monthly Rollup)[/td] [/tr] [tr][td]5022903[/td] [td]Windows Server 2012 (Monthly Rollup)[/td] [/tr] [/table]

Released: Feb 14, 2023

 

Microsoft March 2023 Security Updates

March 2023 Security Updates
Updates this Month

This release consists of security updates for the following products, features and roles.

Azure
Client Server Run-time Subsystem (CSRSS)
Internet Control Message Protocol (ICMP)
Microsoft Bluetooth Driver
Microsoft Dynamics
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Office Excel
Microsoft Office Outlook
Microsoft Office SharePoint
Microsoft OneDrive
Microsoft PostScript Printer Driver
Microsoft Printer Drivers
Microsoft Windows Codecs Library
Office for Android
Remote Access Service Point-to-Point Tunneling Protocol
Role: DNS Server
Role: Windows Hyper-V
Service Fabric
Visual Studio
Windows Accounts Control
Windows Bluetooth Service
Windows Central Resource Manager
Windows Cryptographic Services
Windows Defender
Windows HTTP Protocol Stack
Windows HTTP.sys
Windows Internet Key Exchange (IKE) Protocol
Windows Kernel
Windows Partition Management Driver
Windows Point-to-Point Protocol over Ethernet (PPPoE)
Windows Remote Procedure Call
Windows Remote Procedure Call Runtime
Windows Resilient File System (ReFS)
Windows Secure Channel
Windows SmartScreen
Windows TPM
Windows Win32K
Please note the following information regarding the security updates:

Security Update Guide Blog Posts
Date Blog Post
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
December 29, 2022 Security Update Guide Improvement – Representing Hotpatch Updates
August 9, 2022 Security Update Guide Notification System News: Create your profile now
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Information
The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
FAQs, Mitigations, and Workarounds
The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

CVE-2023-1017
CVE-2023-1018
CVE-2023-1213
CVE-2023-1214
CVE-2023-1215
CVE-2023-1216
CVE-2023-1217
CVE-2023-1218
CVE-2023-1219
CVE-2023-1220
CVE-2023-1221
CVE-2023-1222
CVE-2023-1223
CVE-2023-1224
CVE-2023-1228
CVE-2023-1229
CVE-2023-1230
CVE-2023-1231
CVE-2023-1232
CVE-2023-1233
CVE-2023-1234
CVE-2023-1235
CVE-2023-1236
CVE-2023-21708
CVE-2023-22490
CVE-2023-22743
CVE-2023-23383
CVE-2023-23385
CVE-2023-23388
CVE-2023-23389
CVE-2023-23391
CVE-2023-23392
CVE-2023-23393
CVE-2023-23394
CVE-2023-23395
CVE-2023-23396
CVE-2023-23397
CVE-2023-23398
CVE-2023-23399
CVE-2023-23400
CVE-2023-23401
CVE-2023-23402
CVE-2023-23403
CVE-2023-23404
CVE-2023-23405
CVE-2023-23406
CVE-2023-23407
CVE-2023-23408
CVE-2023-23409
CVE-2023-23410
CVE-2023-23411
CVE-2023-23412
CVE-2023-23413
CVE-2023-23414
CVE-2023-23415
CVE-2023-23416
CVE-2023-23417
CVE-2023-23418
CVE-2023-23419
CVE-2023-23420
CVE-2023-23421
CVE-2023-23422
CVE-2023-23423
CVE-2023-23618
CVE-2023-23946
CVE-2023-24856
CVE-2023-24857
CVE-2023-24858
CVE-2023-24861
CVE-2023-24863
CVE-2023-24864
CVE-2023-24865
CVE-2023-24866
CVE-2023-24867
CVE-2023-24868
CVE-2023-24869
CVE-2023-24870
CVE-2023-24871
CVE-2023-24872
CVE-2023-24876
CVE-2023-24879
CVE-2023-24880
CVE-2023-24882
CVE-2023-24890
CVE-2023-24891
CVE-2023-24892
CVE-2023-24906
CVE-2023-24908
CVE-2023-24909
CVE-2023-24910
CVE-2023-24911
CVE-2023-24913
CVE-2023-24919
CVE-2023-24920
CVE-2023-24921
CVE-2023-24922
CVE-2023-24923
CVE-2023-24930
Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To
5002355 SharePoint Server Subscription Edition
5002396 Windows 10, version 20H2, Windows 10, version 21H2, Windows 10, version 22H2
5023702 Windows 10, version 1809, Windows Server 2019
5023705 Windows Server 2022
5023706 Windows 11 version 22H2
5023752 Windows Server 2012 (Security-only update)
5023754 Windows Server 2008 (Security-only update)
5023755 Windows Server 2008 (Monthly Rollup)
5023756 Windows Server 2012 (Monthly Rollup)
5023759 Windows Server 2008 R2 (Security-only update)
5023769 Windows Server 2008 R2 (Monthly Rollup)
Released: Mar 14, 2023
https://msrc.microsoft.com/update-gu...eNote/2023-Mar