Users should update Windows immediately to fix 33 vulnerabilities
According to data from the Zero Day Initiative, Microsoft has patched more than 900 security vulnerabilities this year through Windows updates. There are no reports that the vulnerabilities fixed this month have been made public or exploited in the wild. However, several of them are notable, including:
- CVE-2023-35628 (CVSS score: 8.1): Remote code execution vulnerability on Windows MSHTML platform
- CVE-2023-35630 (CVSS score: 8.8): Internet Connection Sharing (ICS) remote code execution vulnerability
- CVE-2023-35636 (CVSS score: 6.5): Microsoft Outlook information disclosure vulnerability
- CVE-2023-35639 (CVSS score: 8.8): Microsoft ODBC driver remote code execution vulnerability
- CVE-2023-35641 (CVSS score: 8.8): Internet Connection Sharing (ICS) remote code execution vulnerability
- CVE-2023-35642 (CVSS score: 6.5): Internet Connection Sharing (ICS) denial of service vulnerability
- CVE-2023-36019 (CVSS score: 9.6): Microsoft Power Platform connector spoofing vulnerability
CVE-2023-36019 is also important because it allows an attacker to send a specially crafted URL to a target, leading to the execution of malicious scripts in the victim's browser.
Microsoft said an attacker can manipulate a malicious link, application or file to disguise it as a legitimate link or file and trick the victim.
To limit attacks, users should update Windows as soon as possible by clicking on the Start menu and selecting Settings - Security & Update - Windows Update - Check for Updates.
Microsoft's final Patch Tuesday of 2023 also fixes three vulnerabilities in the DHCP server service, which could lead to denial of service or information disclosure.
- CVE-2023-35638 (CVSS score: 7.5): DHCP server service denial of service vulnerability
- CVE-2023-35643 (CVSS score: 7.5): DHCP server service information disclosure vulnerability
- CVE-2023-36012 (CVSS score: 5.3): DHCP server service information disclosure vulnerability
The fixes come as Akamai discovered a new series of attacks against Active Directory domains that use Microsoft's DHCP server.
'These attacks could allow attackers to spoof sensitive DNS records, stealing credentials,' Ori David said in a report last week.
However, Microsoft says that these issues are not serious enough to receive Windows updates, and asks users to disable DHCP DNS Dynamic Updates if not necessary and not to use DNSUpdateProxy.
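A read-only audit of the two settings named in that advice is sketched below as an added example; it is not code from Microsoft or Akamai. It assumes the RSAT `DhcpServer` and `ActiveDirectory` PowerShell modules are installed and that the account running it may query the DHCP servers and the domain; the function name is hypothetical.

```powershell
# Added example (read-only): list where DHCP DNS dynamic updates are enabled
# and who is in the DnsUpdateProxy group. Nothing is changed by this script.
Import-Module DhcpServer, ActiveDirectory

function Get-DhcpDnsUpdateExposure {   # hypothetical helper name
    foreach ($server in Get-DhcpServerInDC) {          # DHCP servers authorized in AD
        $name = $server.DnsName
        try {
            # Server-wide default DNS settings.
            Get-DhcpServerv4DnsSetting -ComputerName $name -ErrorAction Stop |
                Select-Object @{n='Server';e={$name}}, @{n='Scope';e={'(server default)'}},
                              DynamicUpdates, NameProtection

            # Per-scope settings, which can differ from the server default.
            foreach ($scope in Get-DhcpServerv4Scope -ComputerName $name -ErrorAction Stop) {
                $scopeId = $scope.ScopeId
                Get-DhcpServerv4DnsSetting -ComputerName $name -ScopeId $scopeId -ErrorAction Stop |
                    Select-Object @{n='Server';e={$name}}, @{n='Scope';e={$scopeId}},
                                  DynamicUpdates, NameProtection
            }
        }
        catch {
            Write-Warning "Could not query ${name}: $($_.Exception.Message)"
        }
    }
}

# Anything other than 'Never' means the DHCP server registers DNS records for clients.
Get-DhcpDnsUpdateExposure |
    Where-Object { $_.DynamicUpdates -ne 'Never' } |
    Format-Table -AutoSize

# Microsoft's advice is not to use DnsUpdateProxy, so any member is worth reviewing.
Get-ADGroupMember -Identity 'DnsUpdateProxy' |
    Select-Object Name, objectClass, distinguishedName
```

Where dynamic updates turn out not to be needed, `Set-DhcpServerv4DnsSetting -DynamicUpdates Never` (optionally with `-ScopeId`) turns them off.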