Microsoft has uncovered 72 security vulnerabilities in the Windows code. Among the vulnerabilities identified by the publisher are several critical flaws and, more importantly, five breaches actively exploited by cybercriminals.
Five vulnerabilities capable of hacking your PC
The first vulnerability identified by Microsoft concerns the Windows Desktop Window Manager (DWM) component, which is responsible for the graphical display of the user interface. By exploiting a memory management error, an attacker with limited local access can gain elevated privileges.
The second flaw affects the Windows Common Log File System (CLFS) driver, a key Windows component used to record the steps of an operation and recover the system after a crash. The component operates at the Windows kernel level. According to Microsoft, the flaw allows a hacker to take complete control of the system. The third breach concerns the same component. Again, the flaw allows an attacker with limited local access to gain elevated privileges.
A vulnerability has also been identified in the Windows Ancillary Function Driver for WinSock (afd.sys), another essential component of the OS that plays a central role in managing network communications. Exploitation could lead to total control of the computer.
Finally, the last flaw affects theMicrosoft Scripting Engine, the component that allows script execution. According to Microsoft, a hacker can exploit this flaw by tricking a user into clicking on a booby-trapped link via Microsoft Edge or Internet Explorer. Once this is done, the attacker can deploy malware on the victim's computer without the victim realizing it. Using the engine and scripts, it can then execute code on the system. Microsoft has remained silent on how the five vulnerabilities were exploited by hackers. Regardless, these are critical flaws that could have disastrous security consequences.
Unsurprisingly, the American publisher used its latest Patch Tuesday to patch all the Windows vulnerabilities. Microsoft has included a series of fixes in the update. We strongly recommend installing it on your computer. To install the latest Windows updates, open the Start menu, go to Settings, and then click Update & Security. In the section titled Windows Update, click Check for updates. If updates are available on your machine, they will be automatically downloaded and installed. You may be prompted to restart your PC.
Source: Microsoft
0 Comments