Security News > 2023 > May > Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that it said is being actively exploited in the wild.
Eight of the flaws have been tagged with "Exploitation More Likely" assessment by Microsoft.
This is aside from 18 flaws - including 11 bugs since the start of May - the Windows maker resolved in its Chromium-based Edge browser following the release of April Patch Tuesday updates.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said, crediting Avast researchers Jan Vojt?šek, Milánek, and Luigino Camastra for reporting the flaw.
The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency to add the flaw to its Known Exploited Vulnerabilities catalog, urging organizations to apply vendor fixes by May 30, 2023.
In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including -.
News URL
https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html
Related news
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- March 2024 Patch Tuesday forecast: A popular framework updated (source)
- Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast (source)
- Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability (source)
- March Patch Tuesday sees Hyper-V join the guest-host escape club (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)