May, 2023: Patch Tuesday - 3 Zero Days but a pretty light month

This month Microsoft released updates for only 57 vulnerabilities, so we are under the average triple digits for patches. Of the 57 vulnerabilities, only 7 are critical this month. We do have three zero days to deal with, though. CVE-2023-24932 is exploited and public. This vulnerability allows an attacker to bypass Secure Boot and install the BlackLotus UEFI bootkit. CVE-2023-29325 is public but not currently being reported as exploited by Microsoft. CVE-2023-29336 is currently being exploited, and a successful exploit results in the attacker gaining SYSTEM privileges. You will want to make sure all three of these are updated ASAP. I'm really surprised that we have so few vulnerabilities this month. I guess we'll see if next month makes up for it. Happy patching!

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by: LOGbinder.com

| Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows 10, 11; Server 2008 SP2, 2008R2 SP1, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations; AV1 Video Extension; Remote Desktop | Critical | CVE-2023-24898, CVE-2023-24899, CVE-2023-24900, CVE-2023-24901, CVE-2023-24902, CVE-2023-24903, CVE-2023-24904, CVE-2023-24905, CVE-2023-24932**, CVE-2023-24939, CVE-2023-24940, CVE-2023-24941, CVE-2023-24942, CVE-2023-24943, CVE-2023-24944, CVE-2023-24945, CVE-2023-24946, CVE-2023-24947, CVE-2023-24948, CVE-2023-24949, CVE-2023-28251, CVE-2023-28283, CVE-2023-28290, CVE-2023-29324, CVE-2023-29325**, CVE-2023-29336, CVE-2023-29340, CVE-2023-29341 | Workaround: No; Exploited: Yes; Public: Yes** | Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass |
| Edge | Chromium-based; Edge for Android | Critical | CVE-2023-2033, CVE-2023-2133, CVE-2023-2134, CVE-2023-2135, CVE-2023-2136, CVE-2023-2137, CVE-2023-2459, CVE-2023-2460, CVE-2023-2462, CVE-2023-2463, CVE-2023-2464, CVE-2023-2465, CVE-2023-2466, CVE-2023-2467, CVE-2023-2468, CVE-2023-29334, CVE-2023-29350, CVE-2023-29354 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege; Security Feature Bypass; Spoofing |
| Office | 365 Apps for Enterprise; Office 2019, LTSC 2021; 2019 for Mac, LTSC Mac 2021; Excel/Word 2013 RT SP1, 2013 SP1, 2016; Teams; Online Server | Critical | CVE-2023-24881, CVE-2023-24953, CVE-2023-29333, CVE-2023-29335, CVE-2023-29344 | Workaround: No; Exploited: No; Public: No | Denial of Service; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing |
| SharePoint | Enterprise Server 2016; Server 2019; Server Subscription Edition | Important | CVE-2023-24950, CVE-2023-24954, CVE-2023-24955 | Workaround: No; Exploited: No; Public: No | Information Disclosure; Remote Code Execution; Spoofing |
| Visual Studio | VS Code | Important | CVE-2023-29338 | Workaround: No; Exploited: No; Public: No | Information Disclosure |
| Sysmon | N/A | Important | CVE-2023-29343 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege |
| System Center | Malware Protection Platform | Important | CVE-2023-24934 | Workaround: No; Exploited: No; Public: No | Security Feature Bypass |