Blog

Microsoft has issued a new security patch for Windows that has not one, not two, but six zero-day vulnerabilities. The July 2023 Patch was released earlier this week, which also suggests the security update will fix around 132 flaws in the operating system.

The six of these are zero-day issues that have actively been exploited as per the company. The zero-day security is termed for any attack that has been publicly disclosed but there is no official fix for it.

Microsoft has already given a fix for five of the six serious issues. Interestingly, while there are hundreds of security flaws in the previous version, Microsoft has only categorised nine of them as critical, the report here explains.

The one RCE flaw which is yet to be fixed has become a serious concern for cybersecurity firms, who have seen multiple exploits in the open. In addition to these, the company has still not fixed the vulnerabilities in the Microsoft Edge browser with this patch, and we are hoping that it will be resolved by next month.

Most of the urgent issues posed threat of remote code execution which could allow any bad actor to access the affected machines and take control of its data, processes and more. Microsoft is reportedly investigating the slew of issues reported in the previous weeks, and is also aware about its possible threat to the affected consumers.

One of the security issues is also related to Office files, which could be created by the attacker to remotely gain access to the system. Having said that, the company assures that only if the malicious file is opened by the victim, can the vulnerability be exploited. There are some security risks related to the Windows drivers that can be installed by abusing a loophole in the system to install the malicious kernel-mode drivers.