Security News > 2023 > May > Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants.
The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.
Interestingly enough, BlackLotus abused CVE-2023-24932 to defeat a patch Microsoft issued last year that closed another bypass vulnerability in Secure Boot.
CVE-2023-24932 received its own separate Microsoft Security Response Center advisory and configuration guidance, which Redmond says is necessary to "Fully protect against this vulnerability."
None of the bugs are listed as under attack or publicly known.
SAP released 25 new and updated security patches, including two Hot News and nine High Priority notes.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/09/microsoft_may_patch_tuesday/
Related news
- Microsoft fixes Linux boot issues on dual-boot Windows systems (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- Microsoft: April 2025 updates break Windows Hello on some PCs (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft starts final Windows Recall testing before rollout (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-29336 | Use After Free vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
| 2023-05-09 | CVE-2023-24932 | Unspecified vulnerability in Microsoft products Secure Boot Security Feature Bypass Vulnerability | 0.0 |