Thursday, June 1, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days

Researcher by Researcher
May 10, 2023
in Cybersecurity
0
Sentra Raises $30 Million for DSPM Technology
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


Microsoft on Tuesday announced patches for 40 newly documented vulnerabilities in its products, including two zero-day flaws.

One of the zero-days, CVE-2023-29336, is described as an elevation of privilege bug in the Win32k driver. Successful exploitation could allow an attacker to gain System privileges.

Microsoft has shared no information on the attacks exploiting this vulnerability, but such issues are typically combined with code execution flaws to spread malware, according to Trend Micro’s Zero Day Initiative (ZDI), which published a summary of the patches. 

Reported by Avast, CVE-2023-29336 impacts systems running Windows 10 and Windows Server 2008, 2012, and 2016.

Reported by ESET and SentinelOne researchers, the second zero-day, CVE-2023-24932, is described as a Secure Boot security feature bypass that could allow an attacker with physical access or administrative privileges to execute self-signed code at the UEFI level.

The issue has been exploited by the BlackLotus UEFI bootkit that first emerged in October 2022, and which can disable security applications and other defense mechanisms on vulnerable machines.

Addressing CVE-2023-24932, Microsoft says, requires revoking boot managers, an irreversible action that could cause issues for some boot configurations.

Advertisement. Scroll to continue reading.

Microsoft’s May 2023 update does not provide a full patch for the vulnerability, but represents the first step in resolving the issue. Automated deployment of the revocation files will be added on July 2023 Patch Tuesday and the revocations will be enforced starting with the first quarter of the next year.

“The May 9, 2023 security update provides configuration options to manually enable protections for the Secure Boot bypass but these protections are not enabled automatically. Before you enable these protections, you must verify your devices and all bootable media are updated and ready for this security hardening change,” the tech giant explains in a knowledge base article.

Some of the critical vulnerabilities patched with Microsoft’s latest updates include remote code execution flaws in Windows Network File System (CVE-2023-24941), Windows Pragmatic General Multicast (CVE-2023-24943), and Windows OLE (CVE-2023-29325).

The tech giant also resolved CVE-2023-24955, a remote code execution flaw in SharePoint Server that was disclosed by the Star Labs team at the Pwn2Own Vancouver 2023 exploit contest.

Microsoft’s May 2023 Patch Tuesday updates address other elevation of privilege and remote code execution bugs, along with information disclosure, denial-of-service, and security feature bypass flaws.

In addition to the 40 Microsoft-specific vulnerabilities, the release notes mention nine Chrome security defects that the tech giant is now addressing in the Chromium-based Edge browser.

Related: Adobe Patches 14 Vulnerabilities in Substance 3D Painter

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address Few Dozen Vulnerabilities

Related: Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day



Source link

Related articles

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
Tags: MicrosoftPatchTuesdayvulnerabilitieszerodays
Share76Tweet47

Related Posts

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
0

Threat actors are exploiting a critical-severity Zyxel flaw in order to add vulnerable devices to a Mirai botnet variant. While...

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
0

Cisco on Wednesday announced that it’s acquiring California-based cybersecurity firm Armorblox for its artificial intelligence (AI) technology. Armorblox specializes in...

8 best practices for securing your Mac from hackers in 2023

8 best practices for securing your Mac from hackers in 2023

June 1, 2023
0

Best practices for securing your Mac against potential hacks and security vulnerabilities include enabling the firewall, using strong passwords and...

ZuoRAT Malware Found Hitting Home Routers

New SeroXen RAT Emerges | Decipher

June 1, 2023
0

Security researchers are tracking a new fileless RAT named SeroXen that has the capability to evade many EDR systems and...

Sentra Raises $30 Million for DSPM Technology

Chrome 114 Released With 18 Security Fixes

May 31, 2023
0

Google this week announced the release of Chrome 114 to the stable channel with a total of 18 security fixes...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
A first look at threat intelligence and threat hunting tools

A first look at threat intelligence and threat hunting tools

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
All eyes on APIs: Top 3 API security risks and how to mitigate them

All eyes on APIs: Top 3 API security risks and how to mitigate them

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup /

June 1, 2023

Recent Posts

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
All eyes on APIs: Top 3 API security risks and how to mitigate them

All eyes on APIs: Top 3 API security risks and how to mitigate them

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches Payments platform Ransomware RoundUp security Software Stories TFT Threat Top vulnerabilities vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved