Microsoft’s May 2023 Patch Tuesday update fixes a laundry list of security flaws in Windows 11


What you need to know:

  • A security update for Windows 11 was pushed live on May 9, 2023 and included fixes for 38 flaws including 3 zero-day vulnerabilities. 
  • 6 of the vulnerabilities patched in the update were deemed ‘Critical’ as they allowed remote code execution.
  • A patch for the BlackLotus bootkit vulnerability was deployed but needs to be manually enabled.
  • A security update released on May 5th for Microsoft Edge fixed an additional 11 vulnerabilities.

Microsoft’s Patch Tuesday brought a slew of security updates to Windows 11 users, but May 2023’s roster of fixes is considerably smaller than some of the patches that came before it. Despite its smaller size, this security update fixes several major vulnerabilities, including two zero-day flaws that had been actively exploited in the wild and a third that had been publicly disclosed (via Bleeping Computer).

May 2023’s Patch Tuesday includes a fix for CVE-2023-24932, a Secure Boot security feature bypass flaw that could be used to install a malicious UEFI bootkit known as BlackLotus. The BlackLotus campaign has been particularly problematic for Microsoft, even though the company rates the severity of the vulnerability only as ‘Important’.

Microsoft claims that this downgraded severity is because a threat actor would need physical access to a device as well as administrative privileges in order to properly bypass Secure Boot measures. However, BlackLotus bootkits have been maintained and sold across hacker forums since October and even Microsoft has acknowledged that it is possible to bypass Secure Boot without physical access to an unpatched device. While the May 2023 patch does provide a fix for CVE-2023-24932 by updating Windows Boot Manager, the fix itself is not enabled by default. 
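Because the fix is opt-in, a quick way to confirm whether a machine has actually applied the Secure Boot changes is to inspect the UEFI signature databases. The script below is an added example, not from the article or from Microsoft; it assumes the mitigation described in Microsoft's KB5025885 guidance, in which the "Windows UEFI CA 2023" certificate is added to the Secure Boot DB and the "Windows Production PCA 2011" certificate is placed in the forbidden-signatures database (DBX). The function name is hypothetical.

```powershell
# Added example (not from the article): check whether the Secure Boot mitigations
# for CVE-2023-24932 (BlackLotus) have been applied on a Windows 11 host.
# Assumes the KB5025885 approach: "Windows UEFI CA 2023" in DB and
# "Windows Production PCA 2011" revoked via DBX. Run from an elevated
# PowerShell session; the Secure Boot cmdlets require administrator rights.

function Test-BlackLotusMitigation {
    $result = [ordered]@{
        SecureBootEnabled = $false
        NewCaInDb         = $false
        OldCaRevokedInDbx = $false
    }
    try {
        $result.SecureBootEnabled = [bool](Confirm-SecureBootUEFI)
    } catch {
        Write-Warning "Secure Boot state could not be read (legacy BIOS or no UEFI support)."
        return [pscustomobject]$result
    }
    # Certificate subject names are stored as plain ASCII inside the DER-encoded
    # entries, so a substring search over the raw variable bytes is enough here.
    $db  = [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI -Name db).Bytes)
    $dbx = [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI -Name dbx).Bytes)
    $result.NewCaInDb         = $db  -match 'Windows UEFI CA 2023'
    $result.OldCaRevokedInDbx = $dbx -match 'Windows Production PCA 2011'
    return [pscustomobject]$result
}

$state = Test-BlackLotusMitigation
$state | Format-List
if (-not ($state.SecureBootEnabled -and $state.NewCaInDb -and $state.OldCaRevokedInDbx)) {
    Write-Warning "CVE-2023-24932 mitigations are not fully applied; see KB5025885 for the opt-in steps."
}
```

A host that reports all three values as True has both installed the update and completed the manual enablement steps; any False value means the bootkit protection is still incomplete.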

Patch Tuesday also adds a fix for CVE-2023-29336, an elevation of privilege vulnerability that lets an attacker gain SYSTEM privileges if exploited, as well as CVE-2023-29325, a remote code execution flaw that could be triggered in Microsoft Outlook through malicious emails. Microsoft has advised users to read email messages in plain text format in Outlook as a mitigation against CVE-2023-29325. One other zero-day vulnerability, which had been publicly disclosed but not actively exploited, was also patched as part of the May 2023 update.

The May patch covered 38 vulnerabilities in all, 6 of which were rated Critical, spanning the following categories:

  • Elevation of Privilege 
  • Security Feature Bypass 
  • Remote Code Execution 
  • Information Disclosure 
  • Denial of Service
  • Spoofing

In addition to Windows 11's security patches, Microsoft also rolled out a security update for Microsoft Edge on May 5th which fixed an additional 11 vulnerabilities. The May 2023 update also marked the end of service for all editions of Windows 10 version 20H2.

Cole Martin
Writer

