Microsoft's Ongoing Battle Against Security Flaws: Latest Patch Updates and Fixes.

May 12, 2023 at 11:17 PM

•

1 min read

Microsoft's Ongoing Battle Against Security Flaws: Latest Patch Updates and Fixes. — Photo: The Register

TL;DR Summary

Microsoft has released a patch to fix a vulnerability in its MapUrlToZone function in the Windows API that was being exploited by hackers to bypass a previous patch for a security hole in Outlook. The original bug allowed attackers to leak victims' Windows credentials by sending them an email with a custom notification sound that could be specified as a URL path within the email. The new patch is for the underlying MSHTML platform in Windows, and all versions of the OS are affected by the bug. Microsoft is recommending organizations fix both the new vulnerability and the earlier CVE-2023-23397.

Topics:technology #cybersecurity #microsoft #outlook #patch #security-hole #vulnerability

Share this article

Why Microsoft just patched a patch that squashed an under-attack Outlook bug The Register
Microsoft's May 2023 Patch Tuesday update fixes a laundry list of security flaws in Windows 11 Windows Central
Microsoft is working on a mega security patch for some of its most crucial issues TechRadar
Microsoft patches bypass for recently fixed Outlook zero-click bug BleepingComputer
Microsoft will take nearly a year to finish patching new 0-day Secure Boot bug Ars Technica

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

89%

905 → 100 words

Want the full story? Read the original article

Read on The Register

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights