Security News > 2023 > May > Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants.
The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.
Interestingly enough, BlackLotus abused CVE-2023-24932 to defeat a patch Microsoft issued last year that closed another bypass vulnerability in Secure Boot.
CVE-2023-24932 received its own separate Microsoft Security Response Center advisory and configuration guidance, which Redmond says is necessary to "Fully protect against this vulnerability."
None of the bugs are listed as under attack or publicly known.
SAP released 25 new and updated security patches, including two Hot News and nine High Priority notes.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/09/microsoft_may_patch_tuesday/
Related news
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft says having a TPM is "non-negotiable" for Windows 11 (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Windows kernel bug now exploited in attacks to gain SYSTEM privileges (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-09 | CVE-2023-29336 | Use After Free vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
2023-05-09 | CVE-2023-24932 | Unspecified vulnerability in Microsoft products Secure Boot Security Feature Bypass Vulnerability | 0.0 |