Microsoft fixed 132 vulnerabilities in its latest releases for Patch Tuesday this week, including six zero-day flaws.

Those fixes spanned the entirety of its software ecosystem, meaning Windows 11 and Windows 10, as well as the Office apps and various other Microsoft products.
As mentioned, six were zero-day vulnerabilities, meaning they became public knowledge, and were being exploited, before a fix was issued. But the good news is that the cures are here with these new patches.
For Windows 11, that means the latest KB5028185 update (which comes with Moment 3 features, as you may be aware).
In total, nine security flaws were rated 'critical' and 122 were rated 'important', while the remaining single vulnerability wasn't classified for severity (it wasn't much of a threat, in other words).
The most common vulnerabilities were Remote Code Execution (37 of them) and Elevation of Privilege exploits (33).
TechSpot, which highlighted the fixes, points out that one of the most high-profile affairs cured here is CVE-2023-36884, a Remote Code Execution flaw in Windows and Office.
That one is leveraged via a crafted Word document that tries to trick the user into opening a malicious file, and apparently was employed in targeted attacks against authorities in the US and Europe, allegedly by a Russian hacker syndicate.
Microsoft has also been strengthening Windows 11's defenses against hackers by introducing Rust to the kernel, as we covered recently, and the first real step has just been taken with Rust in the latest preview build in the Canary channel.
Microsoft's eventual goal is to shore up the security of Windows 11 with 'significant security updates' as time rolls on. Better security has been one of the main aims with the OS from the start, hence the system requirement for TPM (which has not been popular in some quarters, but undeniably toughens things up).



