JPCERT-AT-2023-0009
                                                             JPCERT/CC
                                                            2023-05-10

                 <<< JPCERT/CC Alert 2023-05-10 >>>

            Microsoft Releases May 2023 Security Updates

       https://www.jpcert.or.jp/english/at/2023/at230009.html


I. Overview
Microsoft has released May 2023 Security Updates to address the
vulnerabilities in their products. Remote attackers leveraging
these vulnerabilities may be able to execute arbitrary code. It is
recommended to check the information provided by Microsoft and
apply the updates.

    Microsoft Corporation
    May 2023 Security Updates
    https://msrc.microsoft.com/update-guide/en-us/releaseNote/2023-May

    Microsoft Corporation
    Microsoft Security Updates for May 2023 (Monthly) (Japanese)
    https://msrc.microsoft.com/blog/2023/05/202305-security-update/

According to Microsoft, among these vulnerabilities, the following
vulnerability has been confirmed to be exploited in the wild. Please
consider applying the security update programs by referring to the
information provided by Microsoft.

    CVE-2023-29336
    Win32k Elevation of Privilege Vulnerability
    https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-29336

Microsoft also published guidance on the Secure Boot Security Feature
Bypass Vulnerability (CVE-2023-24932). Successful exploitation of the
vulnerability could allow an attacker with physical access to the
affected product or with local administrative privileges to bypass
Secure Boot. In order to apply protection against the vulnerability,
after applying the fixes included in this security update, it is
recommended to update bootable media and recovery media etc., and then
apply protection manually. The fix will be enabled by default and
enforced in the first quarter 2024. Please refer to the information
provided by Microsoft for more information on affected products,
examples of bootable media and how to apply the mitigation, etc.

    CVE-2023-24932
    Secure Boot Security Feature Bypass Vulnerability
    https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24932

    Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
    https://msrc.microsoft.com/blog/2023/05/guidance-related-to-secure-boot-manager-changes-associated-with-cve-2023-24932/


II. Solution
Please apply the security update programs through Microsoft Update,
Windows Update, etc. as soon as possible.

    Microsoft Update Catalog
    https://www.catalog.update.microsoft.com/

    Windows Update: FAQ
    https://support.microsoft.com/en-us/help/12373/windows-update-faq


III. References
    Microsoft Corporation
    Release Notes
    https://msrc.microsoft.com/update-guide/releaseNote


If you have any information regarding this alert, please contact
JPCERT/CC.

======================================================================
JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/