Security News > 2024 > May > Microsoft fixes Windows zero-day exploited in QakBot malware attacks
![Microsoft fixes Windows zero-day exploited in QakBot malware attacks](/static/build/img/news/microsoft-fixes-windows-zero-day-exploited-in-qakbot-malware-attacks-medium.jpg)
Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems.
Kaspersky security researchers discovered the vulnerability while investigating another Windows DWM Core Library privilege escalation bug tracked as CVE-2023-36033 and also exploited as a zero-day in attacks.
Microsoft fixes two Windows zero-days exploited in malware attacks.
Apple backports fix for zero-day exploited in attacks to older iPhones.
Google Chrome emergency update fixes 6th zero-day exploited in 2024.
Google fixes fifth Chrome zero-day exploited in attacks this year.
News URL
Related news
- New Latrodectus malware attacks use Microsoft, Cloudflare themes (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
- Microsoft says April Windows updates break VPN connections (source)
- Microsoft: April Windows Server updates cause NTLM auth failures (source)
- Microsoft won't fix Windows 0x80070643 errors, manual fix required (source)
- Microsoft warns of "Dirty Stream" attack impacting Android apps (source)
- Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications (source)
- Finland warns of Android malware attacks breaching bank accounts (source)
- Microsoft tests using MT/s for memory speed in Windows 11 Task Manager (source)
- Microsoft: April Windows Server updates also cause crashes, reboots (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-36033 | Unspecified vulnerability in Microsoft products Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |