Microsoft patches gaps according to NSA information
Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency - NSA. Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) that simplifies interprocess communication for Windows operating system components. Serious zero-day vulnerability Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…