Microsoft patches several critical security issues on the May 2023 Windows Patch Day
Microsoft released security updates and non-security updates for all supported versions of its Windows operating system and other company products on the May 2023 Patch Tuesday.
All versions of Windows are affected by critical updates. Updates were also released for other Microsoft products, including Microsoft Edge and Microsoft Office.
This overview provides system administrators and home users with information on the released patches. It offers an overview of the Windows updates, lists known issues, links to support pages and direct downloads, and more.
Click here to access our April 2023 overview of the Microsoft Patch Day.
Microsoft Windows Security Updates: May 2023
You can download the following Excel spreadsheet. It lists the released security updates of the May 2023 Microsoft Patch Day. Click on the following link to download it: windows may 2023 security updates
Executive Summary
Microsoft released security updates for all supported client and server versions of Windows.
Security updates were also released for Microsoft Office, Visual Studio Code, Microsoft Bluetooth Driver, Windows Backup Engine, Remote Desktop Client, Windows SMB and Microsoft Teams.
The following Windows client version have known issues: Windows 10 version 1809, Windows 10 version 20H2, 21H2 and 22H2, Windows 11 version 21H2 and 22H2.
The following Windows server versions have known issues: Windows Server 2008 and 2008 R2, Windows Server 2019 and 2022
Microsoft won’t release feature updates for Windows 10 anymore. Windows 10 version 22H2 is the last version of Windows 10.
Operating System Distribution
Windows 10 version 21H2: 19 vulnerabilities, 4 critical and 15 important.
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability — CVE-2023-24903
Windows OLE Remote Code Execution Vulnerability — CVE-2023-29325
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability — CVE-2023-24943
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2023-28283
Windows 10 version 22H2: 19 vulnerabilities, 4 critical and 15 important.
same as Windows 10 version 21H2
Windows 11 version 2!H2: 20 vulnerabilities, 4 critical and 16 important
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability — CVE-2023-24903
Windows OLE Remote Code Execution Vulnerability — CVE-2023-29325
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability — CVE-2023-24943
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2023-28283
Windows 11 version 22H2: 19 vulnerabilities, 4 critical and 16 important
same as Windows 11 version 22H2
Windows Server products
Windows Server 2008 R2 (extended support only): 14 vulnerabilities: 4 critical and 10 important
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability — CVE-2023-24943
Windows OLE Remote Code Execution Vulnerability — CVE-2023-29325
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability — CVE-2023-24903
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability — CVE-2023-28283
Windows Server 2012 R2: 16 vulnerabilities: 5 critical and 11 important
Same as Windows Server 2008 R2, plus
Windows Network File System Remote Code Execution Vulnerability — CVE-2023-24941
Windows Server 2016: 18 vulnerabilities: 5 critical and 13 important.
Same as Windows Server 2012 R2
Windows Server 2019: 19 vulnerabilities: 5 critical and 14 important.
Same as Windows Server 2012 R2
Windows Server 2022: 18 vulnerabilities: 5 critical and 131 important.
Same as Windows Server 2012 R2
Windows Security Updates
Windows 10 version 21H2 and 22H2
Support Page: KB5026361
Updates and improvements:
This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
The update includes content of the preview update, released on April 25, 2023. Notable are a new option to configure application group rules and the ability to sync language and region settings when the Microsoft account display language or regional format are changed.
Windows 11 Release version
Support Page: KB5026368
Updates and improvements:
This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
Also includes the preview updates released on April 25.
Windows 11 version 22H2
Support Page: KB5026372
Updates and improvements:
Adds a new toggle to Settings > Windows Update to get Windows updates early.
This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
This update affects the Kernel-mode Hardware-enforced Stack Protection security feature. The update adds more drivers to the database of drivers that are not compatible with it.
Includes the non-security updates released on April 25 as a preview. Same new features as in Windows 10’s preview update.
Other security updates
2023-05 Cumulative Security Update for Internet Explorer (KB5026366)
2023-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5026382)
2023-05 Cumulative Update for Windows 10 Version 22H2, Windows 10 Version 21H2, and Windows 10 Version 20H2 (KB5026361)
Server
2023-05 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5026363)
2023-05 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5026362)
2023-05 Security Monthly Quality Rollup for Windows Server 2008 (KB5026408)
2023-05 Security Only Quality Update for Windows Server 2008 (KB5026427)
2023-05 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5026413)
2023-05 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5026426)
2023-05 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5026411)
2023-05 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5026419)
2023-05 Security Only Quality Update for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5026409)
2023-05 Security Monthly Quality Rollup for Windows Embedded 8.1 and Windows Server 2012 R2 (KB5026415)
2023-05 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5026456)
2023-05 Cumulative Update for Microsoft server operating system version 21H2 and Microsoft server operating system, version 22H2 for x64-based Systems (KB5026370)
Known Issues
Windows 10 versions 21H2 and 22H2
(Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
Workaround described on the support page.
Windows 11 version 21H2
(Old) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
Windows 11 version 22H2
(New) Some applications may “have intermittent issues with speech recognition, expressive input, and handwriting when using Chinese or Japanese languages”.
To mitigate the issue, do the following: close the app that is having the issues, then open Task Manager and end the ctfrmon.exe process. The app should now be ready for use again.
(Old) Provisioning packages may not work as expected. Windows may only be configured partially and the ” Out Of Box Experience might not finish or might restart unexpectedly”.
Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
Security advisories and updates
ADV 990001 — Latest Servicing Stack Updates
Non-security updates
Microsoft Office Updates
You find Office update information here.
How to download and install the May 2023 security updates
Most Windows Home devices are updated automatically once the monthly security updates are released. The checking process does not happen in real-time, and some administrators may want to install the security updates as early as possible.
This can be done either by running a manual check for updates or downloading the updates manually to install them after the download completes.
Do the following to run a manual check for updates:
Select Start, type Windows Update and load the Windows Update item that is displayed.
Select check for updates to run a manual check for updates.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 Version 21H2
KB5026361 — 2023-05 Cumulative Update for Windows 10 Version 21H2
Windows 10 version 22H2
KB5026361 — 2023-05 Cumulative Update for Windows 10 Version 21H2
Windows 11 Release version
KB5026368 — 2023-05 Cumulative Update for Windows 11
Windows 11 version 22H2
KB5026372 — 2023-05 Cumulative Update for Windows 11 version 22H2
Additional resources
May 2023 Security Updates release notes
List of software updates for Microsoft products
List of the latest Windows Updates and Services Packs
Security Updates Guide
Microsoft Update Catalog site
Our in-depth Windows update guide
How to install optional updates on Windows 10
Windows 11 Update History
Windows 10 Update History
Thank you for being a Ghacks reader. The post Microsoft patches several critical security issues on the May 2023 Windows Patch Day appeared first on gHacks Technology News.
gHacks Technology News