Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants.
The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.
Interestingly enough, BlackLotus abused CVE-2023-24932 to defeat a patch Microsoft issued last year that closed another bypass vulnerability in Secure Boot.
CVE-2023-24932 received its own separate Microsoft Security Response Center advisory and configuration guidance, which Redmond says is necessary to "Fully protect against this vulnerability."
None of the bugs are listed as under attack or publicly known.
SAP released 25 new and updated security patches, including two Hot News and nine High Priority notes.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/09/microsoft_may_patch_tuesday/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-09 | CVE-2023-29336 | Unspecified vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 7.8 |
2023-05-09 | CVE-2023-24932 | Unspecified vulnerability in Microsoft products Secure Boot Security Feature Bypass Vulnerability | 6.7 |