Facebook Twitter Google-plus Instagram Youtube

Microsoft’s Patch Tuesday: Tenable’s Commentary

2023-05-10 09:06:37

As part of Microsoft’s latest Patch Tuesday, the comment from Satnam Narang, Senior Staff Research Engineer at Tenable:

“The May 2023 Patch Tuesday includes fixes for 38 CVEs, seven of which are rated critical and 31 important. This month’s release includes fixes for two zero-day vulnerabilities that have been exploited in the wild. »

“CVE-2023-29336 is an elevation of privilege (EoP) in Win32k. According to Microsoft, it was exploited in the wild as a zero-day vulnerability. This is the fifth month in a row that an elevation of privilege vulnerability has been exploited in the wild as zero day. We expect the researchers who discovered it to release details of its exploitation soon. However, it is uncertain whether this flaw is a patch bypass. In the past, we have observed three separate instances where Win32k EoP vulnerabilities were exploited as zero days. In January 2022, Microsoft patched CVE-2022-21882, which was exploited in the wild and is believed to be a workaround for vulnerability CVE-2021-1732, patched in February 2021 and itself exploited in the wild. In October 2021, Microsoft patched another Win32k EoP, identified as CVE-2021-40449, which was related to a Remote Access Enabled Trojan (RAT) known as MysterySnail, and was a patch bypass. for CVE-2016-3309. While relatively rare, interestingly several Win32k EoP flaws exploited as zero days were also patch bypasses. »

“CVE-2023-24932 is a security feature bypass vulnerability in the Secure Boot system. This vulnerability was exploited in the wild as zero day and publicly disclosed before fixes were available. It appears to be related to an ESET report from March regarding BlackLotus, a UEFI (Unified Extensible Firmware Interface) bootkit that has been available to cybercriminals since October 2022 and can be purchased for $5,000 on hacking forums. The report at the time stated that the bootkit was able to bypass the UEFI Secure Boot security feature on fully patched systems. An attacker can exploit this flaw if he has physical access or administrative rights on a vulnerable system. »

1683710424
#Microsofts #Patch #Tuesday #Tenables #Commentary

Share:

Facebook
Twitter
Pinterest
LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recent Articles:

Tags
banks Belgium Boursorama Brazil car charm Xi'an climate cojp daily Donald Trump Energy Entertainment news f1 farmers insurance fashion football Gaza General News gold price israel Lionel Messi liverpool Malayalam Manchester United meeting Mobile game Mode nationwide insurance News News Translated into Japanese offers OPEC Budget Palestine professional baseball progressive insurance Saudi women social Sports News stock exchanges trackers Translated News weather World Xi'an Daily Official Website Xi'an News Network

Table of Contents

On Key

Related Posts

© 2024 All rights reserved