osemirror.blogg.se

Listed as CVE-2023-24941 this is a Windows Network File System (NFS) RCE vulnerability which can be exploited over the network by making an unauthenticated, specially crafted request. Microsoft advises users that can't install the patch immediately to read email messages in plain text format.Īnother vulnerability to keep an eye on is an RCE vulnerability with a CVSS score of 9.8 out of 10. This type of RCE vulnerability is bound to become very popular among malware peddlers, and knowing that it has been publicly disclosed means that it is available for them to use. Microsoft says this vulnerability can be exploited merely by viewing a specially-crafted email in the Outlook Preview Pane. This vulnerability is present in Microsoft Outlook and Explorer and can be exploited by attackers in order to remotely install malware.

CVE-2023-29325: a Windows OLE Remote Code Execution (RCE) vulnerability.

UEFI and Secure Boot have been very effective in reducing the number of bootkits, but this vulnerability allows an attacker to bypass those restrictions.

The primary benefit to a bootkit infection is that it cannot be detected by standard operating systems processes because all of the components reside outside of the Windows file system. Attaching malicious software in this manner can allow for a malicious program to be executed prior to the loading of the operating system. The vulnerability has been used to install the BlackLotus UEFI bootkit, a type of malicious infection which targets the Master Boot Record located on the physical motherboard of the computer. To exploit the vulnerability, an attacker needs either physical access or administrative rights to a target device to install an affected boot policy.

CVE-2023-24932: a Secure Boot security feature bypass vulnerability.

The Cybersecurity & Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Exploitation of this vulnerability in the Win32k Kernel driver could provide an attacker with SYSTEM privileges.

CVE-2023-29336: a Win32k Elevation of Privilege (EoP) vulnerability.

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. Of the three included in this month’s update cycle, two have been found to be actively exploited and the third has been publicly disclosed. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. Microsoft has released its monthly update, and while the total number of patched vulnerabilities is relatively low at 38, among them are three zero-day vulnerabilities. It’s that time of the month again: We're looking at May's Patch Tuesday roundup.