![]() ![]() CVE-2023-29336 – Win32k Elevation of Privilege Vulnerability Let’s take a closer look at some of the more interesting updates for this month, starting with the one bug under active attack: One of the new CVEs is listed as under active attack and two are listed as publicly known at the time of release. However, considering just the number of ZDI cases waiting to be patched, this number is expected to rise in the coming months. May tends to be a smaller month for fixes historically, but this month’s volume is the lowest since August 2021. Of the new patches released today, seven are rated Critical and 31 are rated Important in severity. However, none of the other bugs reported at that event have yet to be addressed by Microsoft. This includes three SharePoint fixes that were reported during the most recent Pwn2Own Vancouver competition. This is in addition to 11 CVEs in Chromium that were previously released for Edge and are now being documented in the Security Updates Guide.Ī total of four of these bugs were submitted through the ZDI program. This month, Microsoft released 38 new patches addressing CVEs in Microsoft Windows and Windows Components Office and Office Components Microsoft Edge (Chromium-based) SharePoint Server Visual Studio SysInternals and Microsoft Teams. Adobe categorizes these updates as a deployment priority rating of 3. None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release. The most severe of these issues would allow an attacker to execute arbitrary code on an affected system if they can convince a user to open a specially-crafted file. ![]() All of these bugs were found and reported by ZDI vulnerability researcher Mat Powell. If you’d rather watch the video recap, you can check out the Patch Report webcast on our YouTube channel.įor May, Adobe released a single bulletin for Substance 3D Painter addressing 11 Critical-rated and 3 Important-rated vulnerabilities. Take a break from your regularly scheduled activities and join us as we review the details of the latest offerings from Microsoft and Adobe. These errors will clear after a few moments.It’s patch Tuesday once again, and Adobe and Microsoft have released their monthly batch of security updates. During this time, it may display errors that it is "offline" or not running.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |