Microsoft has released its May 2023 Patch Tuesday updates, including fixes for 38 vulnerabilities. This month’s patch is considered one of the smallest in the number of resolved vulnerabilities. However, it is still crucial as it includes a patch for a Windows bug and a Secure Boot bypass flaw, which have been exploited by attackers in the wild. The update also contains six Critical vulnerabilities allowing remote code execution.

Microsoft addresses three zero-day vulnerabilities, including two actively exploited in attacks and one publicly disclosed. The first zero-day vulnerability (CVE-2023-29336) is a privilege elevation vulnerability in the Win32k Kernel driver, allowing an attacker to gain SYSTEM privileges. The second zero-day (CVE-2023-24932) is a Secure Boot bypass flaw that allows an attacker with physical access or administrative rights to install an affected boot policy and install the BlackLotus UEFI bootkit. The third zero-day (CVE-2023-29325) is a Windows OLE flaw in Microsoft Outlook that can be exploited using specially crafted emails, which could result in the attacker executing remote code on the victim’s machine. Microsoft advises users to apply the updates and take additional measures to mitigate the vulnerabilities.

Microsoft’s Patch Tuesday for May 2023 has addressed three zero-day vulnerabilities, two of which have been actively exploited in attacks.

CVE-2023-29336 – Win32k Elevation of Privilege Vulnerability. This vulnerability involves a privilege elevation flaw in the Win32k Kernel driver that can give attackers SYSTEM privileges. The bug has been actively exploited, but Microsoft has not provided any details on the nature of these attacks.

CVE-2023-24932 – Secure Boot Security Feature Bypass Vulnerability. This update fixes the Secure Boot bypass flaw that threat actors have exploited to install the BlackLotus UEFI bootkit. An attacker can install the malware with physical access or Administrative rights to a target device. UEFI bootkits are invisible to security software running within the operating system. The threat actor has been selling the BlackLotus bootkit on hacker forums since October 2022 and continues to update its features. Microsoft released guidance last month on how to detect BlackLotus UEFI bootkit attacks. This vulnerability is a bypass for the previously fixed CVE-2022-21894 vulnerability.

CVE-2023-29325 – Windows OLE Remote Code Execution Vulnerability. This vulnerability is a Windows OLE flaw in Microsoft Outlook that can be exploited using specially crafted emails. The flaw can be triggered when a victim opens a malicious email or when Outlook previews such an email. An attacker could execute remote code on the victim’s machine if they successfully exploit the vulnerability. However, the attacker must win a ‘race’ condition and take additional actions to exploit the flaw successfully. Users can mitigate this vulnerability by reading all messages in plain text format.

Microsoft security bulletin summary for May 2023

This release includes security updates for the following products, features, and roles.

- Windows OLE Remote Code Execution Vulnerability
- Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- Windows LDAP – Lightweight Directory Access Protocol
- Microsoft SharePoint Server Remote Code Execution Vulnerability
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
- Windows Network File System Remote Code Execution Vulnerability
- Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- Windows Secure Socket Tunneling Protocol (SSTP)