Tripwire Patch Priority Index for May 2023

Image

Tripwire's May 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.

First on the patch priority list this month are patches for Microsoft Edge. These patches resolve elevation and security feature bypass vulnerabilities.

Up next are 3 patches for Microsoft Office, Word, Excel, and Access that resolve remote code execution, security feature bypass, and denial of service vulnerabilities.

Next are patches that affect components of the core Windows operating system. These patches resolve over 25 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, Graphics, MSHTML, NTLM, Secure Socket Tunneling, iSCSI, Installer, Secure Boot, Remote Desktop Client, LDAP, SMB, and others.

Up next are patches for Visual Studio and Microsoft Teams that resolve 2 information disclosure vulnerabilities.

Lastly, administrators should focus on server-side patches for NFS and SharePoint. These patches resolve remote code execution, spoofing, denial of service, and information disclosure vulnerabilities.