In today’s SensCy Cyber Brief, your SensCy team reviewed Microsoft’s latest series of patches, released on Tuesday, May 9, 2023. Today’s Patch Tuesday comes with fixes for THREE zero-days, including two zero-day vulnerabilities currently used by cyber criminals, and a total of 38 flaws.
What is Patch Tuesday?
Patch Tuesday is Microsoft’s initiative to release new security fixes for the Windows operating system and any other Microsoft software on a monthly basis. Your SensCy team will monitor such releases and provide you with our observations and recommendations.
Why is it important?
This month’s Patch Tuesday is critical because it fixes two zero-day vulnerabilities (a vulnerability in a system or device that has been disclosed but is not yet patched). The SensCy team recommends that Microsoft users install these patches immediately.
Two of the vulnerabilities are currently exploited in the wild. The first is CVE-2023-29336, a Win32k Elevation of Privilege Vulnerability, in which “an attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” The second is CVE-2023-24932, a Secure Boot Security Feature Bypass Vulnerability, in which “an attacker who has physical access or Administrative rights to a target device could install an affected boot policy.”
The third zero-day, which is not currently exploited, is CVE-2023-29325, a Windows OLE Remote Code Execution Vulnerability: “in an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted email to the victim.”
In addition to the zero-day fixes, Microsoft is also fixing 38 vulnerabilities, with six classified as “Critical” as they allow remote code execution.
Here is a breakdown of each vulnerability category:
- 8 Elevation of Privilege Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
- 12 Remote Code Execution Vulnerabilities
- 8 Information Disclosure Vulnerabilities
- 5 Denial of Service Vulnerabilities
- 1 Spoofing Vulnerability
For more information on the vulnerabilities and the systems they affect, please refer to the full report from Microsoft linked here.
If you have any questions or concerns regarding Patch Tuesday, or are unsure of the implications of the new updates for your company, please reach out to SensCy.