Adrian Borlea
Security Alert
In this article:

Microsoft has released patches for 38 vulnerabilities in the May Patch Tuesday rollout. Out of all patches released, 6 are rated as critical while the remaining are classified as Important. This Patch Tuesday fixes three zero-day vulnerabilities, two being exploited in the wild and another one being publicly disclosed. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. 

Let’s take a closer look at the most interesting updates for this month. 

Zero-day Vulnerabilities Patched in May Patch Tuesday

Win32k Elevation of Privilege Vulnerability

  • CVE-2023-29336 is a privilege elevation vulnerability that exists in Win32k, a Windows Core Library, and is known to be exploited in the wild. An attacker with local access may exploit this vulnerability in a low-complexity attack without needing any privileges and can elevate privileges to SYSTEM on the target. CISA has added this vulnerability to its Known Exploited Vulnerability Catalog and requests that users patch it before May 30, 2023.

Secure Boot Security Feature Bypass Vulnerability 

  • CVE-2023-24932 is a Secure boot bypass flaw - “To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install an affected boot policy” according to Microsoft’s advisory. Secure boot is a crucial security feature that helps prevent malicious software from loading while the computer boots. On successful exploitation, an attacker can bypass this feature.  

Windows OLE Remote Code Execution Vulnerability 

  • CVE-2023-29325 is a vulnerability affecting OLE (Object Linking and Embedding), a mechanism to help users create and edit documents containing objects made by multiple applications such as sound clips, spreadsheets, bitmaps. For successful exploitation of this vulnerability an attacker should win a race condition and take additional actions before exploitation. An attacker could exploit this vulnerability in an email attacker by sending a specially crafted email. A user may be tricked into opening a specifically crafted email using an affected version of Outlook, for instance. As a result, an attacker may perform remote code execution on the target computer.  

Runecast covers all the 28 vulnerabilities that affect Windows operating systems and details of these vulnerabilities are shown below.

Important | Windows Bluetooth Driver Remote Code Execution Vulnerability

CVE-2023-24947 Microsoft Bluetooth Driver RCE

Important | Windows Bluetooth Driver Elevation of Privilege Vulnerability

CVE-2023-24948 Microsoft Bluetooth Driver EoP

Important | Windows Bluetooth Driver Information Disclosure Vulnerability

CVE-2023-24944 Microsoft Bluetooth Driver ID

Important | Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-24899 Microsoft Graphics Component EoP

Important | AV1 Video Extension Remote Code Execution Vulnerability

CVE-2023-29340 Microsoft Windows Codecs Library RCE

Important | AV1 Video Extension Remote Code Execution Vulnerability

CVE-2023-29341 Microsoft Windows Codecs Library RCE

Important | Remote Desktop Client Remote Code Execution Vulnerability

CVE-2023-24905 Remote Desktop Client RCE

Important | Windows Backup Service Elevation of Privilege Vulnerability

CVE-2023-24946 Windows Backup Engine EoP

Important | Windows Installer Elevation of Privilege Vulnerability

CVE-2023-24904 Windows Installer EoP

Important | Windows iSCSI Target Service Information Disclosure Vulnerability

CVE-2023-24945 Windows iSCSI Target Service ID

Important | Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-24949 Windows Kernel EoP

⭕ Critical | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2023-28283 Windows LDAP - Lightweight Directory Access Protocol RCE

Important | Windows MSHTML Platform Security Feature Bypass Vulnerability

CVE-2023-29324 Windows MSHTML Platform SFB

⭕ Critical | Windows Network File System Remote Code Execution Vulnerability

CVE-2023-24941 Windows Network File System ID

Important | Windows NFS Portmapper Information Disclosure Vulnerability

CVE-2023-24901 Windows NFS Portmapper ID

Important | Server for NFS Denial of Service Vulnerability

CVE-2023-24939 Windows NFS Portmapper DoS

Important | Windows NTLM Security Support Provider Information Disclosure Vulnerability

CVE-2023-24900 Windows NTLM ID

⭕ Critical | Windows OLE Remote Code Execution Vulnerability

CVE-2023-29325 Windows OLE RCE

Important | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability

CVE-2023-24940 Windows PGM DoS

⭕ Critical | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-24943 Windows PGM RCE

Important | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability

CVE-2023-28290 Windows RDP Client ID

Important | Remote Procedure Call Runtime Denial of Service Vulnerability

CVE-2023-24942 Windows Remote Procedure Call Runtime DoS

Important | Windows Driver Revocation List Security Feature Bypass Vulnerability

CVE-2023-28251 Windows Secure Boot SFB

Important | Secure Boot Security Feature Bypass Vulnerability

CVE-2023-24932 Windows Secure Boot SFB

⭕ Critical | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2023-24903 Windows Secure Socket Tunneling Protocol (SSTP) RCE

Important | Windows SMB Denial of Service Vulnerability

CVE-2023-24898 Windows SMB DoS

Important | Win32k Elevation of Privilege Vulnerability

CVE-2023-29336 Windows Win32K EoP

Important | Win32k Elevation of Privilege Vulnerability

CVE-2023-24902 Windows Win32K EoP

Meet other Runecasters here:

Run Secure and Compliant Workloads Anywhere

Detect and assess risks and be fully compliant in minutes.

Get Free Trial