PRUEBA AHORA
Patch Tuesday

Microsoft Patch Tuesday – May 2023

5 min. read
09/05/2023
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The May 2023 edition of Patch Tuesday brings us 38 new fixes, with 6 rated as critical, and 13 previously fixed vulnerabilities were updated. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the May 2023 Patch Tuesday Audit Report

Microsoft SharePoint Server Remote Code Execution Vulnerability

One most critical vulnerabilities this month is in Microsoft SharePoint. CVE-2023-24955 only has a CVSS base score of 7.2 but the fact that this is a vulnerability in a popular Microsoft product and the fact that Microsoft lists that exploitation is «more likely» brings this to the top of the list.

To exploit this vulnerability an authenticated attacker as a Site Owner could execute code remotely on the SharePoint Server.

Windows Network File System Remote Code Execution Vulnerability

The second critical vulnerability is one which has seen multiple vulnerabilities in the past. The Network File System (NFS) contains the RCE vulnerability CVE-2023-24941. With a CVSS base score of 9.8 its obvious why this is one of the to-watch vulnerabilities.

Attackers can exploit this vulnerability by making an unauthenticated, specially crafted call to a Network File System service to trigger a Remote Code Execution. If you have NFS servers and you can’t wait for the update, Microsoft does have mitigation steps in the advisory.

If you want a quick overview of your NFS servers, you can run our Windows Server NFS Role Audit.

Windows OLE Remote Code Execution Vulnerability

The last vulnerability I will cover is a vulnerability in the Windows Object Linking & Embedding component. CVE-2023-29325 has a CVSS base score of 8.1. Microsoft has quite some information on this vulnerability and does also list that exploitation is likely.

The vulnerability can be exploited through the Window’s preview panes. They also provide an example of exploitation:

In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted email to the victim. Exploitation of the vulnerability might involve either a victim opening a specially crafted email with an affected version of Microsoft Outlook software, or a victim’s Outlook application displaying a preview of a specially crafted email . This could result in the attacker executing remote code on the victim’s machine.

Run the Patch Tuesday May 2023 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday May 2023 CVE Codes & Titles

CVE-2023-29344Microsoft Office Remote Code Execution Vulnerability
CVE-2023-29343SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
CVE-2023-29341AV1 Video Extension Remote Code Execution Vulnerability
CVE-2023-29340AV1 Video Extension Remote Code Execution Vulnerability
CVE-2023-29338Visual Studio Code Information Disclosure Vulnerability
CVE-2023-29336Win32k Elevation of Privilege Vulnerability
CVE-2023-29335Microsoft Word Security Feature Bypass Vulnerability
CVE-2023-29333Microsoft Access Denial of Service Vulnerability
CVE-2023-29325Windows OLE Remote Code Execution Vulnerability
CVE-2023-29324Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2023-28290Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability
CVE-2023-28283Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2023-28251Windows Driver Revocation List Security Feature Bypass Vulnerability
CVE-2023-24955Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-24954Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2023-24953Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-24950Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-24949Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-24948Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-24947Windows Bluetooth Driver Remote Code Execution Vulnerability
CVE-2023-24946Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-24945Windows iSCSI Target Service Information Disclosure Vulnerability
CVE-2023-24944Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2023-24943Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-24942Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-24941Windows Network File System Remote Code Execution Vulnerability
CVE-2023-24940Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability
CVE-2023-24939Server for NFS Denial of Service Vulnerability
CVE-2023-24932Secure Boot Security Feature Bypass Vulnerability
CVE-2023-24911Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24905Remote Desktop Client Remote Code Execution Vulnerability
CVE-2023-24904Windows Installer Elevation of Privilege Vulnerability
CVE-2023-24903Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2023-24902Win32k Elevation of Privilege Vulnerability
CVE-2023-24901Windows NFS Portmapper Information Disclosure Vulnerability
CVE-2023-24900Windows NTLM Security Support Provider Information Disclosure Vulnerability
CVE-2023-24899Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-24898Windows SMB Denial of Service Vulnerability
CVE-2023-24892Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2023-24881Microsoft Teams Information Disclosure Vulnerability
CVE-2023-24858Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-23398Microsoft Excel Spoofing Vulnerability
CVE-2023-23396Microsoft Excel Denial of Service Vulnerability
CVE-2023-23383Service Fabric Explorer Spoofing Vulnerability
CVE-2023-21779Visual Studio Code Remote Code Execution Vulnerability
CVE-2023-21738Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-41104Microsoft Excel Security Feature Bypass Vulnerability
CVE-2022-29900AMD: CVE-2022-29900 AMD CPU Branch Type Confusion
CVE-2022-26928Windows Photo Import API Elevation of Privilege Vulnerability
CVE-2021-28452Microsoft Outlook Memory Corruption Vulnerability
CVE-2013-3900WinVerifyTrust Signature Validation Vulnerability

Receive the Latest Patch Tuesday Report for FREE Every Month

"*" señala los campos obligatorios

This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
Este campo es un campo de validación y debe quedar sin cambios.