Microsoft’s May 2023 Patch Tuesday Addresses 38 CVEs

On May 9, Microsoft published its May 2023 Patch Tuesday release which patched 38 CVEs with six rated as critical and 32 rated as important.

Microsoft patched three zero day vulnerabilities this month, including two that were exploited in the wild:

• CVE-2023-29336: Win32k Elevation of Privilege Vulnerability*
• CVE-2023-24932: Secure Boot Security Feature Bypass Vulnerability*
• CVE-2023-29325: Windows OLE Remote Code Execution Vulnerability

* Exploited in the wild

This month’s update includes patches for:

• Microsoft Bluetooth Driver
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Access
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Teams
• Microsoft Windows Codecs Library
• Reliable Multicast Transport Driver (RMCAST)
• Remote Desktop Client
• SysInternals
• Visual Studio Code
• Windows Backup Engine
• Windows Installer
• Windows iSCSI Target Service
• Windows Kernel
• Windows LDAP - Lightweight Directory Access Protocol
• Windows MSHTML Platform
• Windows Network File System
• Windows NFS Portmapper
• Windows NTLM
• Windows OLE
• Windows RDP Client
• Windows Remote Procedure Call Runtime
• Windows Secure Boot
• Windows Secure Socket Tunneling Protocol (SSTP)
• Windows SMB
• Windows Win32K

For more information, please visit our blog.