Microsoft Warns: Urgent Windows Updates Needed to Block Active Exploits
Microsoft has released critical security updates to address multiple vulnerabilities in Windows and other software. Users are advised to apply these updates promptly to protect against active exploits and prevent remote malware installation.
The patches fix five remote code execution (RCE) flaws, two of which have high CVSS scores. Notably, CVE-2023-24941 in Windows Network File System has a CVSS score of 9.8, the highest among the patched issues. Additionally, two zero-day vulnerabilities, CVE-2023-29336 and CVE-2023-24932, were addressed. Both are actively exploited in attacks.
CVE-2023-29325 in Microsoft Outlook and Explorer allows remote malware installation via email preview. Users are advised to read emails in plain text format to mitigate this risk. Another vulnerability, CVE-2023-29336, is an 'elevation of privilege' weakness in Windows with low attack complexity and no user interaction. Microsoft patched a total of 48 security holes in this update release.
Before applying these updates, Microsoft recommends backing up systems and creating system images. The updates address several critical vulnerabilities, including a 'Secure Boot Security Feature Bypass' flaw exploited by the 'BlackLotus' bootkit malware. Prompt action is advised to ensure the security and stability of Windows systems.
Read also:
- Regensburg Customs Crackdown Nets 40+ Violations in Hotel Industry
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Germany Boosts EV Charging: 1,000 Fast-Charging Points on Motorways by 2026
- Albanese Invites LuLu Group to Australia as Free Trade Deal Takes Effect
