Critical zero-day vulnerability allows hackers to bypass Windows defenses
Update your operating system as soon as possible to protect your devices.
Microsoft has fixed nine critical vulnerabilities and 74 less dangerous issues as part of its March 2023 Patch Tuesday. Two of the 83 issues addressed in the patch are zero-day vulnerabilities that hackers are already actively using in attacks.
One of these two – CVE-2023-24880 – allows an attacker to bypass Windows’ defenses against potentially dangerous files originating from the web. This can result in the operating system being unable to recognize and block malware.
The other zero-day was found in Microsoft Outlook and allows attackers to pretend to be their victim and access potentially confidential information. This is done by sending a very specific email that triggers an attack as soon as it reaches your inbox – even if you don’t open it.
We recommend you install the latest update as soon as possible to protect your devices. For instructions, see the Microsoft Support page for Windows.
Recently, Microsoft has released a patch update for their operating system, including fixes for nine critical and 74 less severe vulnerabilities. Out of these, two critical vulnerabilities are zero-day vulnerabilities, which means they are already being exploited by hackers.
One of the zero-day vulnerabilities, identified as CVE-2023-24880, allows an attacker to bypass Windows' built-in protection against potentially harmful files coming from the internet. This vulnerability can result in malware being able to infect your system without being detected by the operating system.
The other zero-day vulnerability affects Microsoft Outlook and enables attackers to access sensitive information by impersonating their victims. They achieve this by sending an email that triggers an attack as soon as it reaches the victim's inbox, without even needing to open it.
It is highly recommended that users update their operating system as soon as possible to protect their devices from these vulnerabilities. Instructions on how to update your system can be found on Microsoft's Support page for Windows.
