bleepingcomputer[.]com/news/microsoft/microsoft-may-2023-patch-tuesday-fixes-3-zero-days-38-flaws/
bleepingcomputer[.]com/news/microsoft/windows-10-kb5026361-and-kb5026362-updates-released/
bleepingcomputer[.]com/news/microsoft/windows-11-kb5026372-cumulative-update-released-with-20-changes/
Microsoft included fixes / changes related to UEFI booting -- that portion's .exe file runs in a command prompt (DOS-like) window, which stalled / crashed on my old Celeron powered mini PC, and executed well after this month's cumulative update finished on our laptop. It's *probably* part of Microsoft's fix for the Secure Boot zero day exploited by the BlackLotus malware. Note that the fix is disabled by default -- they give the steps to turn it on -- and is being deployed in 3 steps... the July 11 update: "... will provide additional update options to simplify the deployment of the protections", and an update in the 1st quarter of 2024: "... will enable the fix for CVE-2023-24932 by default and enforce bootmanager revocations on all Windows devices".
bleepingcomputer[.]com/news/microsoft/microsoft-issues-optional-fix-for-secure-boot-zero-day-used-by-malware/
Which all *might* not matter as much since hackers stole the private keys used by the Intel Boot Guard when they breached MSI.
bleepingcomputer[.]com/news/security/intel-investigating-leak-of-intel-boot-guard-private-keys-after-msi-breach/
Microsoft is continuing to play with hardware-related security settings in Win11 -- after this month's update my mini PC, which is Not in any way qualified to run Win11 according to Microsoft's guidelines, showed a warning that there was no TPM present.
Otherwise:
... security updates fix three zero-day vulnerabilities and a total of 38 flaws. Six vulnerabilities are classified as 'Critical' as they allow remote code execution, the most severe type of vulnerability.
The number of bugs in each vulnerability category is listed below:
8 Elevation of Privilege Vulnerabilities
4 Security Feature Bypass Vulnerabilities
12 Remote Code Execution Vulnerabilities
8 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
1 Spoofing Vulnerability
Today's Patch Tuesday is one of the smallest in terms of resolved vulnerabilities, with only thirty-eight vulnerabilities fixed, not including eleven Microsoft Edge vulnerabilities fixed last week, on May 5th.