A critical vulnerability was recently discovered in both Windows 10 and Windows 11, which allowed malware to be installed on affected systems. Microsoft swung into action immediately and has released a security update that fixes the vulnerability. The company said that the bug can be exploited by attackers and malware can be installed on user devices. This vulnerability exists in the ms-appinstaller Uniform Resource Identifier (URI) scheme. Attackers can use this vulnerability to bypass conventional security measures and quietly implant dangerous software when users browse the web.
The Vulnerability & Patch
The vulnerability, known as CVE-2023-44234, allowed attackers to exploit a weakness in the Windows operating system, enabling them to install malware without user interaction. This vulnerability could lead to a compromise of the confidentiality, integrity, and availability of affected systems. The vulnerability was rated as Critical by the MSRC, as it allowed for code execution without user interaction. This could result in self-propagating malware or unavoidable common-use scenarios where code execution occurs without warnings or prompts.
Gizchina News of the week
In response to this critical vulnerability, Microsoft released a security patch that addresses the issue and prevents malware from being installed on affected systems. The patch is recommended for immediate application, as it mitigates the risk associated with this vulnerability. Attackers use ms-appinstaller to hide shortcuts and secretly install malware on victim PCs. However, Microsoft has disabled this shortcut in this patch. This also means that any app downloaded from the website must pass the security check like a normal file download. You can click here to read related instructions as well as get the patch download link. The patch also addresses the issue and helps users / IT administrators keep their devices secure and compliant.
Conclusion
The release of this security patch by Microsoft is a crucial step in addressing the critical vulnerability in Windows 10 and Windows 11. Users and IT administrators are encouraged to apply the patch immediately to protect their devices from potential malware attacks. By doing so, they can maintain the security and compliance of their systems, ensuring a safe and secure computing environment.
