Hello and welcome to the Wednesday, May 10th, 2003 edition of the Sandinert Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Well, it was Patch Tuesday.

I think I actually got it wrong earlier this week, where I mentioned patch Tuesday would be

next week, but luckily, Renato has his act together and published his usual concise overview

of all the patches released by Microsoft.

49 vulnerabilities patched, six critical and two are already being exploited.

One of the exploited vulnerabilities that I thought was kind of interesting was a secure boot security feature bypass vulnerability.

We had vulnerabilities like this before, not I'm not sure which exact variety here has already been exploited or whether it was already published CVE 2023, 24-932.

Of course, in order to exploit this vulnerability, you need to have physical access to the system, but that's exactly

what secure boot is supposed to protect. The second already exploited vulnerability is one of those

wind 32K elevation of bridge vulnerabilities. Plenty of them in the past, so no real big surprise here.

CVE 2020, 23, 29, 336.

CVS has score of 7.8, which is kind of what you usually get for a privilege escalation vulnerability.

Among the critical vulnerabilities, the most interesting one is probably the

Windows Network File System vulnerability. Again, a system that we have had a number of

critical vulnerabilities against in the past. Some exploits were released against those past

vulnerabilities. CVSS score of 9.8 unauthenticated remote code

execution over the network. As a workaround, Microsoft recommends disabling NFS version 4.

Version 2 and 3 are not affected by this vulnerability. However, Microsoft

points out there was an earlier vulnerability just a year ago in May 22, so that one you

still need to patch even if you do apply the workaround. You also need to restart the

...