Security News > 2023 > May > Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants.
The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.
Interestingly enough, BlackLotus abused CVE-2023-24932 to defeat a patch Microsoft issued last year that closed another bypass vulnerability in Secure Boot.
CVE-2023-24932 received its own separate Microsoft Security Response Center advisory and configuration guidance, which Redmond says is necessary to "Fully protect against this vulnerability."
None of the bugs are listed as under attack or publicly known.
SAP released 25 new and updated security patches, including two Hot News and nine High Priority notes.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/09/microsoft_may_patch_tuesday/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft wants $30 if you want to delay Windows 11 switch (source)
- Microsoft delays Windows Recall again, now by December (source)
- Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns (source)
- Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-29336 | Use After Free vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
| 2023-05-09 | CVE-2023-24932 | Unspecified vulnerability in Microsoft products Secure Boot Security Feature Bypass Vulnerability | 0.0 |