Subj : Microsoft reveals small but vital security upgrade - so patch you To : All From : TechnologyDaily Date : Wed May 10 2023 12:00:04 Microsoft reveals small but vital security upgrade - so patch your devices now Date: Wed, 10 May 2023 10:56:21 +0000 Description: May's Microsoft Patch Tuesday is upon us, with some important fixes. FULL STORY ====================================================================== Microsoft has released this months cumulative cybersecurity update known as Patch Tuesday. Its one of the smallest updates in terms of the number of flaws addressed, but it has still fixed some important vulnerabilities, so make sure to apply the patch as soon as possible. In a follow-up security advisory, Microsoft said that it fixed a total of 38 vulnerabilities this month (not including the 11 Microsoft Edge browser flaws fixed a week ago). Among them are three zero-days, and six critical flaws allowing for remote code execution (RCE). Fixing zero-days Heres a full breakdown of the update: 8 Elevation of Privilege Vulnerabilities 4 Security Feature Bypass Vulnerabilities 12 Remote Code Execution Vulnerabilities 8 Information Disclosure Vulnerabilities 5 Denial of Service Vulnerabilities 1 Spoofing Vulnerability Of the three zero-days, two were being actively used in the wild, to attack vulnerable endpoints . Those two are CVE-2023-29336, and CVE-2023-24932. The former is a Win32k Elevation of Privilege Vulnerability, a flaw in the Kernel driver that elevates privileges to the highest level - SYSTEM. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in its advisory. Read more > The first Microsoft Patch Tuesday of 2023 includes some rather important fixes > Microsoft's latest Patch Tuesday broke some VMs, but there's a fix > These are the best malware removal tools at the moment The latter is a Secure Boot Security Feature Bypass Vulnerability, which was being used in the wild to install the BlackLotus UEFI bootkit, it was said. "To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install an affected boot policy," Microsoft further explained. UEFI bootkits are highly disruptive malware that gets installed on the system firmware, and as such remains on the target endpoint even if the operating system gets reinstalled, or the hard drive replaced. According to BleepingComputer, someone has been selling the BlackLotus bootkit on underground forums since October 2022, and has been actively working on adding new features. Since March, the bootkit was able to bypass Secure Boot on fully patched Windows 11 devices. Check out the best firewalls right now Via: BleepingComputer ====================================================================== Link to news story: https://www.techradar.com/news/microsoft-reveals-small-but-vital-security-upgr ade-so-patch-your-devices-now --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .