by Microsoft released the March routine security update on Tuesday, fixing 74 vulnerabilities, two of which are 0days being exploited——CVE-2023-23397 has a danger score of 9.8/10 and is a privilege escalation vulnerability in Microsoft Outlook. Microsoft did not disclose the details of the vulnerability, but disclosed that it is being used by Russian hackers to attack government, energy and military departments in Europe; CVE-2023-24880 is a Windows SmartScreen bypass vulnerability, and its danger score is only 5.4/10. Being exploited by ransomware groups.
https://www.theregister.com/2023/03/14/microsoft_patch_tuesday/
