Microsoft It recently released the first new Windows update in 2023 and this company has fixed nearly 98 security flaws by providing this update. According to Microsoft, one vulnerability among others has been actively used by hackers. 11 out of 98 cases were considered as critical vulnerabilities and security flaws and have a higher risk severity, in this regard, it is expected that Microsoft will also release updates for its Edge browser in the coming days in addition to Windows.
One of the vulnerabilities, known as tracking number CVE-2023-21674, is a security flaw in Windows Local Procedure Calls (ALPC) that could allow an attacker to gain system access. Microsoft has also mentioned in its statements in this regard that by using this vulnerability it is possible to escape from the sandbox of the Edge browser and has praised the security researchers of the German company Avast for reporting these cases.
While the details of this vulnerability are not yet known, a successful exploit requires that the attacker has already performed an initial intrusion into the victim’s computer. This security bug is probably combined with another problem in the Edge browser, and the reason for its high score and the ability to escape from the browser’s security sandbox is probably the same.
Microsoft has finally updated its guidelines around the malicious use of signed drivers in the list included in this recent Windows update, and blocked drivers have been included in this update. In the past days, Microsoft also made available the latest security update for Windows 7 and 8.1 and advised users and companies to upgrade their operating systems to the latest version of Windows 11.
- Microsoft has ended support for Windows 7
- Sound simulation in 3 seconds with the help of Microsoft’s new artificial intelligence VALL-E
- Microsoft’s acquisition of a provider of advanced hollow fiber optic technology