According to GizChina , Microsoft said that the above Windows 11 and 10 vulnerability can be exploited by attackers and install malware on users' devices. This vulnerability exists in the uniform resource identifier (URI) scheme ms-appinstaller. Attackers can use this vulnerability to bypass common security measures and silently install malicious software while users browse the web.
Microsoft recommends updating Windows 11 and 10 patches
The vulnerability, tracked as CVE-2023-44234, allows an attacker to exploit a vulnerability in Windows to install malicious software without user interaction. This vulnerability could compromise the confidentiality, integrity, and availability of affected systems. The vulnerability is rated critical because it allows code execution without user interaction. This could lead to self-installing malware or other remote execution scenarios without warning or prompts.
In response to this critical vulnerability, Microsoft has released a security patch to address the issue and prevent malware from installing on affected systems. The patch is recommended to be applied immediately as it mitigates the risk associated with the vulnerability on Windows 11 and 10. Attackers use ms-appinstaller to hide shortcuts and secretly install malware on victim PCs. However, Microsoft has disabled this shortcut in the newly released patch, which also means that any application downloaded from the website must pass security checks like a regular file download. The patch also addresses the issue and helps users/IT administrators keep their devices safe.
Microsoft’s release of this security patch is an important step in addressing a critical vulnerability in Windows 11 and 10. Users and IT administrators are encouraged to apply the patch immediately to protect their devices from potential malware attacks. By doing so, they can maintain system security and compliance, ensuring a safe and secure computing environment.
Source link
Comment (0)