38 CVEs addressed through the May 2023 Patch Tuesday Release
6 min. read
Updated on
Share this article
Improve this guide
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- Not such a busy month for a Microsoft Patch Tuesday release, with 38 CVEs.
- Out of all the CVEs, seven are rated Critical and 31 are rated Important in severity.
- We've included each and everyone in this article, with direct links as well.
It’s May already and everyone is looking towards Microsoft, in hopes that some of the flaws they’ve been struggling with will finally get fixed.
We’ve already provided the direct download links for the cumulative updates released today for Windows 10 and 11, but now it’s time to talk about Critical Vulnerabilities and Exposures again.
This month, the Redmond tech giant released 38 new patches, which is a lot less than some people were expecting right after Easter.
These software updates address CVEs in:
- Microsoft Windows and Windows Components
- .NET and Visual Studio
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Office and Office Components
- Windows Hyper-V
- Windows Authentication Methods
- BitLocker
- Windows Cluster Shared Volume (CSV)
- Remote Desktop Client
- Windows Network File System
- NTFS
- Windows Point-to-Point Tunneling Protocol
For May, Microsoft only released 38 new patches, which is still a lot less than some people were expecting for the fifth month of 2023.
One of Microsoft’s lightest months with only 38 updates
Not the busiest but also not the lightest month for Microsoft security experts, so we can relax a bit right before the summer.
You might like to know that, out of the 38 new CVEs released, seven are rated Critical and 31 are rated Important in severity.
As many of you probably already know, May is always a smaller month for fixes historically, but this month’s volume is the lowest since August 2021.
Know that one of the new CVEs is listed as under active attack and two are listed as publicly known at the time of release.
| CVE | Title | Severity | CVSS | Public | Exploited | Type |
| CVE-2023-29336 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | EoP |
| CVE-2023-29325 | Windows OLE Remote Code Execution Vulnerability | Critical | 8.1 | Yes | No | RCE |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | Important | 6.7 | Yes | No | SFB |
| CVE-2023-24955 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 7.2 | No | No | RCE |
| CVE-2023-28283 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2023-29324 | Windows MSHTML Platform Elevation of Privilege Vulnerability | Critical | 7.5 | No | No | EoP |
| CVE-2023-24941 | Windows Network File System Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2023-24943 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2023-24903 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2023-29340 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2023-29341 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2023-29333 | Microsoft Access Denial of Service Vulnerability | Important | 3.3 | No | No | DoS |
| CVE-2023-29350 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 7.5 | No | No | EoP |
| CVE-2023-24953 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2023-29344 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2023-24954 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 6.5 | No | No | Info |
| CVE-2023-24950 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 6.5 | No | No | Spoofing |
| CVE-2023-24881 | Microsoft Teams Information Disclosure Vulnerability | Important | 6.5 | No | No | Info |
| CVE-2023-29335 | Microsoft Word Security Feature Bypass Vulnerability | Important | 7.5 | No | No | SFB |
| CVE-2023-24905 | Remote Desktop Client Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2023-28290 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2023-24942 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2023-24939 | Server for NFS Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2023-29343 | SysInternals Sysmon for Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2023-29338 | Visual Studio Code Information Disclosure Vulnerability | Important | 5 | No | No | Info |
| CVE-2023-24902 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2023-24946 | Windows Backup Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2023-24948 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7.4 | No | No | EoP |
| CVE-2023-24944 | Windows Bluetooth Driver Information Disclosure Vulnerability | Important | 6.5 | No | No | Info |
| CVE-2023-24947 | Windows Bluetooth Driver Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2023-28251 | Windows Driver Revocation List Security Feature Bypass Vulnerability | Important | 5.5 | No | No | SFB |
| CVE-2023-24899 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
| CVE-2023-24904 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.1 | No | No | EoP |
| CVE-2023-24945 | Windows iSCSI Target Service Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2023-24949 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2023-24901 | Windows NFS Portmapper Information Disclosure Vulnerability | Important | 7.5 | No | No | Info |
| CVE-2023-24900 | Windows NTLM Security Support Provider Information Disclosure Vulnerability | Important | 5.9 | No | No | Info |
| CVE-2023-24940 | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2023-24898 | Windows SMB Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2023-29354 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Moderate | 4.7 | No | No | SFB |
| CVE-2023-2459 * | Chromium: CVE-2023-2459 Inappropriate implementation in Prompts | Medium | N/A | No | No | RCE |
| CVE-2023-2460 * | Chromium: CVE-2023-2460 Insufficient validation of untrusted input in Extensions | Medium | N/A | No | No | RCE |
| CVE-2023-2462 * | Chromium: CVE-2023-2462 Inappropriate implementation in Prompts | Medium | N/A | No | No | RCE |
| CVE-2023-2463 * | Chromium: CVE-2023-2463 Inappropriate implementation in Full Screen Mode | Medium | N/A | No | No | RCE |
| CVE-2023-2464 * | Chromium: CVE-2023-2464 Inappropriate implementation in PictureInPicture | Medium | N/A | No | No | RCE |
| CVE-2023-2465 * | Chromium: CVE-2023-2465 Inappropriate implementation in CORS | Medium | N/A | No | No | RCE |
| CVE-2023-2466 * | Chromium: CVE-2023-2466 Inappropriate implementation in Prompts | Low | N/A | No | No | RCE |
| CVE-2023-2467 * | Chromium: CVE-2023-2467 Inappropriate implementation in Prompts | Low | N/A | No | No | RCE |
| CVE-2023-2468 * | Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture | Low | N/A | No | No | RCE |
Let’s take a closer look at CVE-2023-29336, as its the one bug listed as being under active attack at the time of release.
Thus, as a result, you must go all the way back to May of last year before you find a month where there wasn’t at least one Microsoft bug under active attack.
In fact, this type of privilege escalation is usually combined with a code execution bug to spread malware, so we advise caution.
Moving on to CVE-2023-29325, we learn that while the title says OLE when it comes to this bug, the real component to worry about is Outlook.
Please note that this vulnerability allows an attacker to execute their code on an affected system by sending a specially crafted RTF e-mail.
The Preview Pane is an attack vector, so a target doesn’t even need to read the crafted message, and while Outlook is the more likely exploit vector, other Office applications are also impacted.
Microsoft mentioned that this is one of the publicly known bugs patched this month and has been widely discussed on Twitter.
CVE-2023-24941 has been given a CVSS of 9.8 and allows a remote, unauthenticated attacker to run arbitrary code on an affected system with elevated privileges.
And, the worst part is that no user interaction is required. Another interesting thing about this vulnerability is that exists in NFS version 4.1 but not versions NFSv2.0 or NFSv3.0.
Rest assured that you can mitigate this bug by downgrading to a previous version, but Microsoft warns that you should not use this mitigation unless you have the CVE-2022-26937 patch from May 2022 installed.
Observing the remaining Critical-rated patches, there’s another CVSS 9.8 bug in Pragmatic General Multicast (PGM) that looks identical to PGM bug patched last month.
It’s important to know that this could indicate a failed patch or, more likely, a wide attack surface in PGM that is just starting to be explored.
There are also patches for Critical-rated bugs in the LDAP and SSTP protocols and an intriguing bug in MSHTML that could allow a remote attacker to escalate to administrator privileges.
The Redmond tech giant doesn’t provide details here, but they do note some level of privileges is required.
The next Patch Tuesday rollout will be on May 10th, so don’t get too comfortable with the current state of affairs, as it might change sooner than you think.
Was this article helpful to you? Share your opinion in the comments section below.
User forum
0 messages