Microsoft Patch Tuesday security updates for May 2024 addressed 59 vulnerabilities in Windows and Windows Components; Office and Office Components; .NET Framework and Visual Studio; Microsoft Dynamics 365; Power BI; DHCP Server; Microsoft Edge (Chromium-based); and Windows Mobile Broadband. <\/p>\n\n\n\n
Only one of the vulnerabilities addressed by the IT giant this month is rated Critical, 57 are rated Important, and one is rated Moderate in severity.<\/p>\n\n\n\n
Two of the vulnerabilities fixed by Microsoft this month are actively exploited, and one was a publicly disclosed zero-day.<\/p>\n\n\n\n
The two actively exploited zero-day vulnerabilities are:<\/p>\n\n\n\n
CVE-2024-30051<\/a>\u00a0– Windows DWM Core Library Elevation of Privilege Vulnerability<\/strong><\/p>\n\n\n\n
An attacker can exploit this vulnerability to gain SYSTEM privileges.<\/p>\n\n\n\n
The full list of flaws addressed by Microsoft with the release of Patch Tuesday security updates for May 2024 is available here<\/strong><\/a>.<\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, zero-day<\/a>)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"