Microsoft May 2023 Patch Tuesday

Published: 2023-05-09. Last Updated: 2023-05-09 17:41:35 UTC
by Renato Marinho (Version: 1)
0 comment(s)

This month we got patches for 49 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is a Win32k Elevation of Privilege Vulnerability (CVE-2023-29336). This vulnerability has low attack complexity, low privilege, and none user interaction. The attack vector is local, the CVSS is 7.8, and the severity is Important.

The second exploited vulnerability is Secure Boot Security Feature Bypass Vulnerability (CVE-2023-24932). According to the advisory, to exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install an affected boot policy. The CVSS for this vulnerability is 6.7 and its severity is Important.

About the critical vulnerabilities, there is a Remote Code Execution (RCE) affecting Windows Network File System (CVE-2023-24941). According to the advisory, this vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). The advisory also details a mitigation procedure. The CVSS for this vulnerability is 9.8 – the highest for this month.

A second critical vulnerability worth mentioning is an RCE affecting Windows Lightweight Directory Access Protocol (LDAP) (CVE-2023-28283). According to the advisory, an unauthenticated attacker who successfully exploited this vulnerability could gain code execution through a specially crafted set of LDAP calls to execute arbitrary code within the context of the LDAP service. The attack complexity is high, which means that successful exploitation of this vulnerability requires an attacker to win a race condition. The CVSS for this vulnerability is 8.1.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

May 2023 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
AV1 Video Extension Remote Code Execution Vulnerability
CVE-2023-29340 No No - - Important 7.8 6.8
CVE-2023-29341 No No - - Important 7.8 6.8
Chromium: CVE-2023-2459 Inappropriate implementation in Prompts
CVE-2023-2459 No No - - -    
Chromium: CVE-2023-2460 Insufficient validation of untrusted input in Extensions
CVE-2023-2460 No No - - -    
Chromium: CVE-2023-2462 Inappropriate implementation in Prompts
CVE-2023-2462 No No - - -    
Chromium: CVE-2023-2463 Inappropriate implementation in Full Screen Mode
CVE-2023-2463 No No - - -    
Chromium: CVE-2023-2464 Inappropriate implementation in PictureInPicture
CVE-2023-2464 No No - - -    
Chromium: CVE-2023-2465 Inappropriate implementation in CORS
CVE-2023-2465 No No - - -    
Chromium: CVE-2023-2466 Inappropriate implementation in Prompts
CVE-2023-2466 No No - - -    
Chromium: CVE-2023-2467 Inappropriate implementation in Prompts
CVE-2023-2467 No No - - -    
Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture
CVE-2023-2468 No No - - -    
Microsoft Access Denial of Service Vulnerability
CVE-2023-29333 No No - - Important 3.3 2.9
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-29350 No No Less Likely Less Likely Important 7.5 6.5
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-29354 No No Less Likely Less Likely Moderate 4.7 4.1
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-24953 No No - - Important 7.8 6.8
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-29344 No No - - Important 7.8 6.8
Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability
CVE-2023-28290 No No - - Important 5.3 4.6
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2023-24954 No No - - Important 6.5 5.7
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-24955 No No - - Critical 7.2 6.3
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-24950 No No - - Important 6.5 5.7
Microsoft Teams Information Disclosure Vulnerability
CVE-2023-24881 No No - - Important 6.5 5.7
Microsoft Word Security Feature Bypass Vulnerability
CVE-2023-29335 No No - - Important 7.5 6.5
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2023-24905 No No - - Important 7.8 6.8
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-24942 No No - - Important 7.5 6.5
Secure Boot Security Feature Bypass Vulnerability
CVE-2023-24932 Yes Yes - - Important 6.7 6.2
Server for NFS Denial of Service Vulnerability
CVE-2023-24939 No No - - Important 7.5 6.5
SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
CVE-2023-29343 No No - - Important 7.8 6.8
Visual Studio Code Information Disclosure Vulnerability
CVE-2023-29338 No No - - Important 5.0 4.5
Win32k Elevation of Privilege Vulnerability
CVE-2023-24902 No No - - Important 7.8 6.8
CVE-2023-29336 No Yes - - Important 7.8 6.8
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-24946 No No - - Important 7.8 6.8
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-24948 No No - - Important 7.4 6.4
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2023-24944 No No - - Important 6.5 5.7
Windows Bluetooth Driver Remote Code Execution Vulnerability
CVE-2023-24947 No No - - Important 8.8 7.7
Windows Driver Revocation List Security Feature Bypass Vulnerability
CVE-2023-28251 No No - - Important 5.5 4.8
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-24899 No No - - Important 7.0 6.1
Windows Installer Elevation of Privilege Vulnerability
CVE-2023-24904 No No - - Important 7.1 6.2
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-24949 No No - - Important 7.8 6.8
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2023-28283 No No - - Critical 8.1 7.1
Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2023-29324 No No - - Important 6.5 5.7
Windows NFS Portmapper Information Disclosure Vulnerability
CVE-2023-24901 No No - - Important 7.5 6.5
Windows NTLM Security Support Provider Information Disclosure Vulnerability
CVE-2023-24900 No No - - Important 5.9 5.2
Windows Network File System Remote Code Execution Vulnerability
CVE-2023-24941 No No - - Critical 9.8 8.5
Windows OLE Remote Code Execution Vulnerability
CVE-2023-29325 Yes No - - Critical 8.1 7.3
Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability
CVE-2023-24940 No No - - Important 7.5 6.5
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-24943 No No - - Critical 9.8 8.5
Windows SMB Denial of Service Vulnerability
CVE-2023-24898 No No - - Important 7.5 6.5
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2023-24903 No No - - Critical 8.1 7.1
Windows iSCSI Target Service Information Disclosure Vulnerability
CVE-2023-24945 No No - - Important 5.5 4.8

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:
0 comment(s)

Comments


Diary Archives