Security News > 2023 > May > Week in review: Microsoft fixes two actively exploited bugs, MSI private code signing keys leaked

Week in review: Microsoft fixes two actively exploited bugs, MSI private code signing keys leaked
2023-05-14 08:00

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkitFor May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug and a Secure Boot bypass flaw exploited by attackers in the wild.

MSI's firmware, Intel Boot Guard private keys leakedThe cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company's private code signing keys on their dark web site.

Microsoft Authenticator push notifications get number matchingMicrosoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security.

Kubernetes Bill of Materials open-source tool enhances cloud security response to CVEsKubernetes Security Operations Center released the first-ever Kubernetes Bill of Materials standard.

CISOs confront mounting obstacles in tracking cyber assetsIn this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments.

Automotive industry employees unaware of data security risks30% of automotive employees don't check security protocols before trying a new tool, according to Salesforce.


News URL

https://www.helpnetsecurity.com/2023/05/14/week-in-review-microsoft-fixes-two-actively-exploited-bugs-msi-private-code-signing-keys-leaked/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 701 841 4687 4342 3722 13592
MSI 7 0 5 6 0 11