App Wednesday May 2023

Greg Lambert
May 25, 2023
3 minutes

Once a month, in the middle of the Patch Tuesday release cycle, the Readiness teams publishes an update on Microsoft related patches, out of band  (OOB) releases and republished CVE vulnerability documentation. This note is intended as a informal brief on recent changes and may reflect a dynamic or rapidly changing situation.

For the month of May 2023, this posting will include the following areas:

  • Resolved issues
  • Reported issues
  • Updated CVE entries
  • Scheduled Out-of-band (OOB) releases

Resolved Issues

As there were not any reported issues with the previous May Microsoft Patch Tuesday release,  we do not have any resolved issues to add for this section as of writing.

Reported Issues

This section deals with reported issues from Microsoft sources only. There may be plenty of problems reported in the media, which the Readiness will investigate but may not include in this brief:

  • After installing the past May 2023 update, some apps might have intermittent issues with speech recognition, expressive input, and handwriting when using Chinese or Japanese languages. Microsoft is working on a resolution, and we expect an update soon.
  • You might have intermittent issues saving, or copying, or attaching files using 32-bit apps which are large address aware and using the CopyFile API. Windows devices are more likely to be affected by this issue when using some commercial/enterprise security software which uses extended file attributes.
  • After installing “Update for Microsoft Defender Antivirus antimalware platform – KB5007651 “, you might receive a security notification or warning stating that “Local Security protection is off. Your device may be vulnerable.” and once protections are enabled, your Windows device might persistently prompt that a restart is required.

Microsoft is working on a resolution for all three of these reported issues and we expect an update soon. You can find an updated status  of these reported issues on the Microsoft Health dashboard here.  You can also follow @WindowsUpdate on Twitter for Windows release health updates.

Updated Microsoft CVE Entries

Over the past few weeks since the last Patch Tuesday cycle, Microsoft periodically updates their release documentation as published by CVE entries. Here is a Windows focussed list of updates and revisions from the previous update cycle:

  • CVE-2023-24953 Microsoft Excel Remote Code Execution Vulnerability. Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.
  • CVE-2023-29344: Microsoft Office Remote Code Execution Vulnerability. Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

Scheduled Out-of-band (OOB) releases.

At the time of writing there are no planned or documented Out of band releases scheduled for May from Microsoft.

Greg Lambert

CEO, Product Evangelist
Greg Lambert is the CEO and product evangelist for Application Readiness Inc. Greg is a co-founder of ChangeBASE and has considerable experience with application packaging technology and its deployment.

Planning business modernization projects?

  • Windows 10/11 migration
  • MS server 2022
  • Migration to Azure

Is your application estate ready?

Assurance.

Unbounded.

3 months of patch protection, assessments and dependency reports for your entire portfolio.

  • No cost
  • No limit of applications
  • No software needed
  • No infrastructure required
  • No obligation
Contact us to get started