diff --git a/change-notes/1.19/analysis-cpp.md b/change-notes/1.19/analysis-cpp.md
index 39c5941098d..aa74fddba1b 100644
--- a/change-notes/1.19/analysis-cpp.md
+++ b/change-notes/1.19/analysis-cpp.md
@@ -6,6 +6,8 @@
 
 | **Query**                   | **Tags**  | **Purpose**                                                        |
 |-----------------------------|-----------|--------------------------------------------------------------------|
+| Cast between HRESULT and a Boolean type (`cpp/hresult-boolean-conversion`) | external/cwe/cwe-253 | Finds logic errors caused by mistakenly treating the Windows `HRESULT` type as a Boolean instead of testing it with the appropriate macros. Enabled by default. |
+| Setting a DACL to `NULL` in a `SECURITY_DESCRIPTOR` (`cpp/unsafe-dacl-security-descriptor`) | external/cwe/cwe-732 | This query finds code that creates world-writable objects on Windows by setting their DACL to `NULL`. Enabled by default. |
 | Cast from char* to wchar_t* | security, external/cwe/cwe-704 | Detects potentially dangerous casts from char* to wchar_t*.  Enabled by default on LGTM. |
 
 ## Changes to existing queries
diff --git a/cpp/config/suites/c/correctness b/cpp/config/suites/c/correctness
index f3f9bebf4a5..e53ccda1187 100644
--- a/cpp/config/suites/c/correctness
+++ b/cpp/config/suites/c/correctness
@@ -6,6 +6,7 @@
 + semmlecode-cpp-queries/Likely Bugs/Arithmetic/IntMultToLong.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /Correctness/Dangerous Conversions
   # Consistent Use 
 + semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
 + semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
diff --git a/cpp/config/suites/cpp/correctness b/cpp/config/suites/cpp/correctness
index e1195442623..ceb15f55260 100644
--- a/cpp/config/suites/cpp/correctness
+++ b/cpp/config/suites/cpp/correctness
@@ -7,6 +7,7 @@
 + semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /Correctness/Dangerous Conversions
   # Consistent Use 
 + semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
 + semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
diff --git a/cpp/config/suites/security/cwe-253 b/cpp/config/suites/security/cwe-253
new file mode 100644
index 00000000000..1ce40c4e71a
--- /dev/null
+++ b/cpp/config/suites/security/cwe-253
@@ -0,0 +1,3 @@
+# CWE-253: Incorrect Check of Function Return Value
++ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /CWE/CWE-253
+    @name Cast between HRESULT and a Boolean type (CWE-253)
diff --git a/cpp/config/suites/security/cwe-732 b/cpp/config/suites/security/cwe-732
index 90af4998438..77de440b90e 100644
--- a/cpp/config/suites/security/cwe-732
+++ b/cpp/config/suites/security/cwe-732
@@ -1,3 +1,5 @@
 # CWE-732: Incorrect Permission Assignment for Critical Resource
 + semmlecode-cpp-queries/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql: /CWE/CWE-732
     @name File created without restricting permissions (CWE-732)
++ semmlecode-cpp-queries/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql: /CWE/CWE-732
+    @name Setting a DACL to NULL in a SECURITY_DESCRIPTOR (CWE-732)
diff --git a/cpp/config/suites/security/default b/cpp/config/suites/security/default
index 4225ae9808b..baa8a3f5bc8 100644
--- a/cpp/config/suites/security/default
+++ b/cpp/config/suites/security/default
@@ -13,6 +13,7 @@
 @import "cwe-170"
 @import "cwe-190"
 @import "cwe-242"
+@import "cwe-253"
 @import "cwe-290"
 @import "cwe-311"
 @import "cwe-327"
diff --git a/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.qhelp b/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.qhelp
index d5b949691f0..fdc31608922 100644
--- a/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.qhelp
+++ b/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.qhelp
@@ -4,13 +4,13 @@
 <qhelp>
 
 <overview>
-  <p>This query indicates that an <code>HRESULT</code> is being cast to a boolean type or vice versa.</p>
-  <p>The typical success value (<code>S_OK</code>) of an <code>HRESULT</code> equals 0. However, 0 indicates failure for a boolean type.</p>
-  <p>Casting an <code>HRESULT</code> to a boolean type and then using it in a test expression will yield an incorrect result.</p>
+  <p>This query indicates that an <code>HRESULT</code> is being cast to a Boolean type or vice versa.</p>
+  <p>The typical success value (<code>S_OK</code>) of an <code>HRESULT</code> equals 0. However, 0 indicates failure for a Boolean type.</p>
+  <p>Casting an <code>HRESULT</code> to a Boolean type and then using it in a test expression will yield an incorrect result.</p>
 </overview>
 
 <recommendation>
-<p>To check if a call that returns an HRESULT succeeded use the <code>FAILED</code> macro.</p>
+<p>To check if a call that returns an <code>HRESULT</code> succeeded use the <code>FAILED</code> macro.</p>
 </recommendation>
 
 <example>
diff --git a/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql b/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql
index 7678cff23f0..165fe0eed96 100644
--- a/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql
+++ b/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql
@@ -1,8 +1,6 @@
 /**
- * @name Cast between semantically different integer types: HRESULT to/from a Boolean type
- * @description Cast between semantically different integer types: HRESULT to/from a Boolean type.
- *              Boolean types indicate success by a non-zero value, whereas success (S_OK) in HRESULT is indicated by a value of 0. 
- *              Casting an HRESULT to/from a Boolean type and then using it in a test expression will yield an incorrect result.
+ * @name Cast between HRESULT and a Boolean type
+ * @description Casting an HRESULT to/from a Boolean type and then using it in a test expression will yield an incorrect result because success (S_OK) in HRESULT is indicated by a value of 0.
  * @kind problem
  * @id cpp/hresult-boolean-conversion
  * @problem.severity error
@@ -68,4 +66,4 @@ where exists
     )
     and not isHresultBooleanConverted(e1)
   )
-select e1, msg
\ No newline at end of file
+select e1, msg