Microsoft May 2023 Patch Tuesday Fixes 3 Zero-Days

May 2023 Patch Tuesday Addresses 3 0-Day Vulnerabilities, 38 Others

As part of its May 2023 Patch Tuesday update, Microsoft has released numerous security updates in response to various vulnerabilities, three of which had already been identified as zero-day threats because of ongoing exploitation by bad actors: CVE-2023-29336, CVE-2023-29325, and CVE-2023-24932.

CVE-2023-29336 – Win32k Kernel driver

CVE-2023-29336 exists within the Windows 10 operating system and permits privilege escalation: an attacker who successfully exploits the flaw gains unauthorized access with elevated SYSTEM privileges beyond those authorized.

CVE-2023-29325 – OLE Flaw

CVE-2023-29325 relates specifically to customers using Microsoft Outlook. It involves publicly disclosed arbitrary code execution techniques, in which attackers may prompt users into opening corrupt Office documents on a compromised system.

CVE-2023-24932 – Secure Boot Bypass

CVE-2023-24932 builds on recently resolved vulnerabilities from earlier versions. Reports indicate that attackers have been using it for one very specific purpose: installing BlackLotus UEFI bootkits on targeted devices or systems. This intrusion facilitates the acquisition of administrative rights following the deployment of malicious software as command-and-control nodes in subsequent attacks against other endpoints. These bootkits are potentially usable only when physical access to the device or administrative rights on the system are already available, and they exacerbate ransomware threats.

To help system administrators address these vulnerabilities, Microsoft offers patches for all of the vulnerabilities mentioned; users and organizations running Windows are strongly encouraged to apply these patches in a timely manner.

The following CVEs were all addressed by Microsoft on this Patch Tuesday:

| CVE Number | CVE Title | Impact | Severity | Tag |
| --- | --- | --- | --- | --- |
| CVE-2023-29344 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | Important | Microsoft Office |
| CVE-2023-29333 | Microsoft Access Denial of Service Vulnerability | Denial of Service | Important | Microsoft Office Access |
| CVE-2023-29325 | Windows OLE Remote Code Execution Vulnerability | Remote Code Execution | Critical | Windows OLE |
| CVE-2023-24904 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Windows Installer |
| CVE-2023-28290 | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability | Information Disclosure | Important | Windows RDP Client |
| CVE-2023-28251 | Windows Driver Revocation List Security Feature Bypass Vulnerability | Security Feature Bypass | Important | Windows Secure Boot |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass | Important | Windows Secure Boot |
| CVE-2023-29343 | SysInternals Sysmon for Windows Elevation of Privilege Vulnerability | Elevation of Privilege | Important | SysInternals |
| CVE-2023-29341 | AV1 Video Extension Remote Code Execution Vulnerability | Remote Code Execution | Important | Microsoft Windows Codecs Library |
| CVE-2023-29340 | AV1 Video Extension Remote Code Execution Vulnerability | Remote Code Execution | Important | Microsoft Windows Codecs Library |
| CVE-2023-29338 | Visual Studio Code Information Disclosure Vulnerability | Information Disclosure | Important | Visual Studio Code |
| CVE-2023-29336 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Windows Win32K |
| CVE-2023-29335 | Microsoft Word Security Feature Bypass Vulnerability | Security Feature Bypass | Important | Microsoft Office Word |
| CVE-2023-29324 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Security Feature Bypass | Important | Windows MSHTML Platform |
| CVE-2023-24955 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | Critical | Microsoft Office SharePoint |
| CVE-2023-24954 | Microsoft SharePoint Server Information Disclosure Vulnerability | Information Disclosure | Important | Microsoft Office SharePoint |
| CVE-2023-24953 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | Important | Microsoft Office Excel |
| CVE-2023-24950 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | Important | Microsoft Office SharePoint |
| CVE-2023-24949 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Windows Kernel |
| CVE-2023-24948 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Microsoft Bluetooth Driver |
| CVE-2023-24947 | Windows Bluetooth Driver Remote Code Execution Vulnerability | Remote Code Execution | Important | Microsoft Bluetooth Driver |
| CVE-2023-24946 | Windows Backup Service Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Windows Backup Engine |
| CVE-2023-24945 | Windows iSCSI Target Service Information Disclosure Vulnerability | Information Disclosure | Important | Windows iSCSI Target Service |
| CVE-2023-24944 | Windows Bluetooth Driver Information Disclosure Vulnerability | Information Disclosure | Important | Microsoft Bluetooth Driver |
| CVE-2023-24905 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | Important | Remote Desktop Client |
| CVE-2023-24943 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Remote Code Execution | Critical | Windows PGM |
| CVE-2023-24903 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution | Critical | Windows Secure Socket Tunneling Protocol (SSTP) |
| CVE-2023-24942 | Remote Procedure Call Runtime Denial of Service Vulnerability | Denial of Service | Important | Windows Remote Procedure Call Runtime |
| CVE-2023-24902 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Windows Win32K |
| CVE-2023-24941 | Windows Network File System Remote Code Execution Vulnerability | Remote Code Execution | Critical | Windows Network File System |
| CVE-2023-24901 | Windows NFS Portmapper Information Disclosure Vulnerability | Information Disclosure | Important | Windows NFS Portmapper |
| CVE-2023-24940 | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | Denial of Service | Important | Windows PGM |
| CVE-2023-24900 | Windows NTLM Security Support Provider Information Disclosure Vulnerability | Information Disclosure | Important | Windows NTLM |
| CVE-2023-24939 | Server for NFS Denial of Service Vulnerability | Denial of Service | Important | Windows NFS Portmapper |
| CVE-2023-24899 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | Important | Microsoft Graphics Component |
| CVE-2023-24898 | Windows SMB Denial of Service Vulnerability | Denial of Service | Important | Windows SMB |
| CVE-2023-28283 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution | Critical | Windows LDAP – Lightweight Directory Access Protocol |
| CVE-2023-24881 | Microsoft Teams Information Disclosure Vulnerability | Information Disclosure | Important | Microsoft Teams |