Deprecated: Function create_function() is deprecated in /home/phototor/domains/phototor.com/public_html/wp-content/themes/premium-photography/inc/photo-widgets.php on line 3
Microsoft May 2023 Patch released | Suman Tiwari Travellography, Cyber Security & Photography Blog Microsoft May 2023 Patch released – Suman Tiwari Travellography, Cyber Security & Photography Blog

Microsoft May 2023 Patch released

Microsoft has fixed 49 vulnerabilities in its May 2023 Patch Tuesday edition.

Below is the list of the addressed vulnerabilities in the May 2023 Patch Tuesday release:

TagCVE IDCVE TitleSeverity
Microsoft Bluetooth DriverCVE-2023-24947Windows Bluetooth Driver Remote Code Execution VulnerabilityImportant
Microsoft Bluetooth DriverCVE-2023-24948Windows Bluetooth Driver Elevation of Privilege VulnerabilityImportant
Microsoft Bluetooth DriverCVE-2023-24944Windows Bluetooth Driver Information Disclosure VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2023-29354Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityModerate
Microsoft Edge (Chromium-based)CVE-2023-2468Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPictureUnknown
Microsoft Edge (Chromium-based)CVE-2023-2459Chromium: CVE-2023-2459 Inappropriate implementation in PromptsUnknown
Microsoft Edge (Chromium-based)CVE-2023-29350Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2023-2467Chromium: CVE-2023-2467 Inappropriate implementation in PromptsUnknown
Microsoft Edge (Chromium-based)CVE-2023-2463Chromium: CVE-2023-2463 Inappropriate implementation in Full Screen ModeUnknown
Microsoft Edge (Chromium-based)CVE-2023-2462Chromium: CVE-2023-2462 Inappropriate implementation in PromptsUnknown
Microsoft Edge (Chromium-based)CVE-2023-2460Chromium: CVE-2023-2460 Insufficient validation of untrusted input in ExtensionsUnknown
Microsoft Edge (Chromium-based)CVE-2023-2465Chromium: CVE-2023-2465 Inappropriate implementation in CORSUnknown
Microsoft Edge (Chromium-based)CVE-2023-2466Chromium: CVE-2023-2466 Inappropriate implementation in PromptsUnknown
Microsoft Edge (Chromium-based)CVE-2023-2464Chromium: CVE-2023-2464 Inappropriate implementation in PictureInPictureUnknown
Microsoft Graphics ComponentCVE-2023-24899Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft OfficeCVE-2023-29344Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office AccessCVE-2023-29333Microsoft Access Denial of Service VulnerabilityImportant
Microsoft Office ExcelCVE-2023-24953Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2023-24955Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2023-24954Microsoft SharePoint Server Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2023-24950Microsoft SharePoint Server Spoofing VulnerabilityImportant
Microsoft Office WordCVE-2023-29335Microsoft Word Security Feature Bypass VulnerabilityImportant
Microsoft TeamsCVE-2023-24881Microsoft Teams Information Disclosure VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2023-29340AV1 Video Extension Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2023-29341AV1 Video Extension Remote Code Execution VulnerabilityImportant
Remote Desktop ClientCVE-2023-24905Remote Desktop Client Remote Code Execution VulnerabilityImportant
SysInternalsCVE-2023-29343SysInternals Sysmon for Windows Elevation of Privilege VulnerabilityImportant
Visual Studio CodeCVE-2023-29338Visual Studio Code Information Disclosure VulnerabilityImportant
Windows Backup EngineCVE-2023-24946Windows Backup Service Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2023-24904Windows Installer Elevation of Privilege VulnerabilityImportant
Windows iSCSI Target ServiceCVE-2023-24945Windows iSCSI Target Service Information Disclosure VulnerabilityImportant
Windows KernelCVE-2023-24949Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2023-28283Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution VulnerabilityCritical
Windows MSHTML PlatformCVE-2023-29324Windows MSHTML Platform Security Feature Bypass VulnerabilityImportant
Windows Network File SystemCVE-2023-24941Windows Network File System Remote Code Execution VulnerabilityCritical
Windows NFS PortmapperCVE-2023-24901Windows NFS Portmapper Information Disclosure VulnerabilityImportant
Windows NFS PortmapperCVE-2023-24939Server for NFS Denial of Service VulnerabilityImportant
Windows NTLMCVE-2023-24900Windows NTLM Security Support Provider Information Disclosure VulnerabilityImportant
Windows OLECVE-2023-29325Windows OLE Remote Code Execution VulnerabilityCritical
Windows PGMCVE-2023-24940Windows Pragmatic General Multicast (PGM) Denial of Service VulnerabilityImportant
Windows PGMCVE-2023-24943Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCritical
Windows RDP ClientCVE-2023-28290Microsoft Remote Desktop app for Windows Information Disclosure VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2023-24942Remote Procedure Call Runtime Denial of Service VulnerabilityImportant
Windows Secure BootCVE-2023-28251Windows Driver Revocation List Security Feature Bypass VulnerabilityImportant
Windows Secure BootCVE-2023-24932Secure Boot Security Feature Bypass VulnerabilityImportant
Windows Secure Socket Tunneling Protocol (SSTP)CVE-2023-24903Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityCritical
Windows SMBCVE-2023-24898Windows SMB Denial of Service VulnerabilityImportant
Windows Win32KCVE-2023-29336Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32KCVE-2023-24902Win32k Elevation of Privilege VulnerabilityImportant

Count By Impact

Important Links and References:

https://msrc.microsoft.com/update-guide/

https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2023-patch-tuesday-fixes-3-zero-days-38-flaws/

https://www.ghacks.net/2023/05/09/microsoft-patches-several-critical-security-issues-on-the-may-2023-windows-patch-day/

https://krebsonsecurity.com/2023/05/microsoft-patch-tuesday-may-2023-edition/

https://www.tenable.com/blog/microsofts-may-2023-patch-tuesday-addresses-38-cves-cve-2023-29336

About Author:

Suman Tiwari CPISI Exam Guide

Suman Tiwari is a Cyber Security Professional by Profession and photographer by passion.

His Linkedin profile can be visited here for more details.

Leave a Reply

Your email address will not be published. Required fields are marked *