Microsoft’s May 2023 Patch Tuesday update fixes a laundry list of security flaws in Windows 11
Several of the vulnerabilities were deemed ‘Critical’ while at least 2 had been exploited in the wild.
What you need to know:
Microsoft’s Patch Tuesday brought a slew of security updates to Windows 11 users, but May 2023’s roster of fixes is considerably smaller than some of the patches that came before it. Despite its smaller size, this security update fixes several major vulnerabilities, including two classified as zero-day vulnerabilities that had been actively exploited in the wild, along with a third that had been publicly disclosed (via Bleeping Computer).
May 2023’s Patch Tuesday includes a fix for CVE-2023-24932, a security bypass flaw that could be used to install a malicious UEFI bootkit known as BlackLotus. The BlackLotus campaign has been particularly problematic for Microsoft, despite the company only listing the severity of the vulnerability as ‘Important’.
Microsoft claims that this downgraded severity is because a threat actor would need physical access to a device as well as administrative privileges in order to properly bypass Secure Boot measures. However, BlackLotus bootkits have been maintained and sold across hacker forums since October, and even Microsoft has acknowledged that it is possible to bypass Secure Boot without physical access to an unpatched device. While the May 2023 patch does provide a fix for CVE-2023-24932 by updating Windows Boot Manager, the fix itself is not enabled by default.
Patch Tuesday also adds a fix for CVE-2023-29336, a privilege elevation vulnerability that allows an attacker to gain SYSTEM privileges if exploited, as well as CVE-2023-29325, which could be exploited through Microsoft Outlook via infected emails and could result in remote code execution. Microsoft has advised that users read email messages in plain text format when using Outlook as a preventative measure against CVE-2023-29325. One other zero-day vulnerability, which had been publicly disclosed but not actively exploited, was also patched as part of the May 2023 update.
The patch for May covered 38 vulnerabilities in all, 6 of which were deemed Critical and included the following categories:
In addition to Windows 11’s security patches, Microsoft also rolled out a security update for Microsoft Edge on May 5th which fixed an additional 11 vulnerabilities. The May 2023 update also marked the end of service for all editions of Windows 10 version 20H2.
Cole is the resident Call of Duty know-it-all and indie game enthusiast for Windows Central. She’s a lifelong artist with two decades of experience in digital painting, and she will happily talk your ear off about budget pen displays.