From malwarebytes.com
It’s that time of the month again. For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities. Nine of the vulnerabilities are rated as critical and four of them are known to be actively exploited.
The Cybersecurity & Infrastructure Security Agency (CISA) has already added these four vulnerabilities to the catalog of known to be exploited vulnerabilities.
The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The actively exploited vulnerabilities are listed as:
CVE-2023-32049 (CVSS score 8.8 out of 10): a Windows SmartScreen Security Feature Bypass vulnerability. The user would have to click on a specially crafted URL to be compromised by the attacker in which case the attacker would be able to bypass the Open File – Security Warning prompt.