Security News > 2023 > May > Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix

Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
2023-05-09 23:15

Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants.

The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.

Interestingly enough, BlackLotus abused CVE-2023-24932 to defeat a patch Microsoft issued last year that closed another bypass vulnerability in Secure Boot.

CVE-2023-24932 received its own separate Microsoft Security Response Center advisory and configuration guidance, which Redmond says is necessary to "Fully protect against this vulnerability."

None of the bugs are listed as under attack or publicly known.

SAP released 25 new and updated security patches, including two Hot News and nine High Priority notes.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/05/09/microsoft_may_patch_tuesday/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-29336 Use After Free vulnerability in Microsoft products
Win32k Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-416
7.8
7.8
2023-05-09 CVE-2023-24932 Unspecified vulnerability in Microsoft products
Secure Boot Security Feature Bypass Vulnerability
local
low complexity
microsoft
6.7
6.7

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774