Hackers Exploit Critical Zero-Day Vulnerability to Bypass Windows Defences

Update your operating system as soon as possible to protect your devices.

Microsoft’s latest Patch Tuesday release for March 2023 brings vital fixes, including nine critical vulnerabilities and 74 lower-severity issues. Within this batch, two zero-day vulnerabilities demand your attention, as hackers have already initiated attacks leveraging them.

The first zero-day, labelled as CVE-2023-24880, presents a dangerous capability to bypass Windows’ built-in defences against potentially harmful files sourced from the web. The consequence? Your operating system could become susceptible to malware infiltration, as its ability to recognise and thwart such threats is compromised.

The second zero-day pertains to Microsoft Outlook, a widely-used email client. This flaw enables attackers to masquerade as their victims and access sensitive, potentially confidential information. A cunningly crafted email, triggering an attack upon arrival in your inbox, can compromise your data – even if the email remains unopened.

To shield your devices from these imminent threats, we strongly urge you to promptly install the latest updates. Detailed instructions can be found on the Microsoft Support page for Windows. Your swift action is a key step toward maintaining the integrity and security of your digital environment.