Microsoft has released a new patch that seeks to address dozens of security holes in its Windows operating systems as well as "zero day" vulnerabilities, marking potential risks to users and other entities.

The tech giant warned that these issues are already being exploited by nefarious individuals in active attacks. The zero-day threats are said to be targeting Microsoft this month and include CVE-2023-36025. This is a weakness that allows malicious content to bypass the Windows SmartScreen Security feature.

Microsoft's New Patch


SmartScreen is a built-in Windows component that attempts to detect and block malicious websites and files. Microsoft's security advisory for this particular flaw said that attackers could exploit it by getting a Windows user to click on a booby-trapped link to a shortcut file.

The senior director of threat research at Immersive Labs, Kevin Breen, said that emails with .url attachments or logs with processes spawning from .url files should be a "high priority" for those who are hunting threats. This is given the active exploitation of this particular vulnerability in the wild, as per Krebs on Security.
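Breen's two hunting signals, sketched as an added example (not code from Microsoft, Immersive Labs or the cited reports): a Python pass over log lines that flags mail carrying .url attachments and process events whose command line or parent command line references a .url file. The record layout, field names and sample lines are constructed assumptions.

```python
import json
import re

# A token ending in ".url" (any case) that is followed by a quote, whitespace
# or end of string, so "settings.url.bak" and "curl.exe" do not match.
URL_FILE = re.compile(r"""[^\s"']*\.url(?=["'\s]|$)""", re.IGNORECASE)

# Constructed sample records, not real telemetry. Field names are assumptions
# modelled on Sysmon process-creation events and a generic mail-gateway log.
SAMPLE_LOG = r"""
{"type":"mail","recipient":"a@example.test","attachments":["invoice.url","notes.txt"]}
{"type":"mail","recipient":"b@example.test","attachments":["report.pdf"]}
{"type":"process","host":"ws-01","Image":"rundll32.exe","CommandLine":"rundll32.exe ieframe.dll,OpenURL C:\\Users\\a\\Downloads\\invoice.url"}
{"type":"process","host":"ws-02","Image":"cmd.exe","CommandLine":"cmd.exe","ParentCommandLine":"rundll32.exe ieframe.dll,OpenURL C:\\Users\\b\\Desktop\\scan.URL"}
{"type":"process","host":"ws-03","Image":"app.exe","CommandLine":"app.exe --config settings.url.bak"}
this line is not JSON
"""

def hunt(lines):
    """Return (host_or_recipient, reason, artefact) tuples for .url activity."""
    findings = []
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines rather than abort the hunt
        if not isinstance(rec, dict):
            continue
        if rec.get("type") == "mail":
            # Signal 1: an e-mail with a .url attachment.
            for name in rec.get("attachments") or []:
                if name.lower().endswith(".url"):
                    findings.append((rec.get("recipient"), "url-attachment", name))
        elif rec.get("type") == "process":
            # Signal 2: a process started on, or by a parent opened on, a .url file.
            for field in ("CommandLine", "ParentCommandLine"):
                match = URL_FILE.search(rec.get(field) or "")
                if match:
                    findings.append((rec.get("host"), "process-from-url-file", match.group(0)))
                    break
    return findings

if __name__ == "__main__":
    for finding in hunt(SAMPLE_LOG.splitlines()):
        print(finding)
```
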

The second zero-day that was identified this month is CVE-2023-36033, which is a vulnerability in the "DWM Core Library" in Microsoft Windows. It was exploited in the wild as a zero-day and publicly disclosed prior to patches being available.

It is said to affect Microsoft Windows 10 and later versions as well as Microsoft Windows Server 2019 and subsequent versions. The president and co-founder of the security firm Action1, Mike Walters, said that this vulnerability can be exploited locally with low complexity and without the need for high-level privileges or user interaction.

He added that attackers who are exploiting this particular flaw could gain SYSTEM privileges, which makes it an efficient method for escalating privileges, especially after gaining initial access through methods such as phishing.


Fixing Bugs and Exploits

While the new Microsoft patch was able to fix 14 remote code execution (RCE) bugs, the company only rated one as critical. There were also three critical flaws that were fixed: an Azure information disclosure bug, an RCE in Windows Internet Connection Sharing (ICS), and a Hyper-V escape flaw, according to Bleeping Computer.

The total of 58 flaws that were addressed in the recent patch did not include five Mariner security updates and 20 Microsoft Edge security updates that were released earlier this month. On top of the fixes, Microsoft also said that two other publicly disclosed zero-day bugs, CVE-2023-36413 and CVE-2023-36038, were addressed.

The manager of vulnerability and threat research at Qualys, Saeed Abbasi, said that the Windows Cloud Files Mini Filter Driver, which was among the components affected by the flaws, is essential to the functioning of cloud-stored files on Windows systems.

He noted that the widespread presence of this particular driver in nearly all Windows versions raises the risk and provides a broad attack surface. Abbasi said that it is currently under active attack and poses a significant risk, especially when it is paired with a code execution bug, according to DarkReading.
