Microsoft released a new update, download this version to avoid hackers

The biggest security flaw detected by Microsoft is CVE-2025-33053, which affects an HTTP extension called Web Distributed Authoring and Versioning (WebDAV). According to Microsoft, this zero-day security flaw has a CVSS score of 8.8 and was actively exploited to trick users into clicking on malicious URLs.

Check Point researchers David Driker and Alexandra Gofman uncovered the flaw, and the company says a threat actor known as FruityArmor or Stealth Falcon used the CVE-2025-33053 vulnerability. This security flaw allowed hackers to remotely execute code on the target's computer by changing the working directory.

Microsoft also patched another zero-day vulnerability in the Windows SMB (Samba) client that a malicious user might use to gain privileged (or system) access to equipment on the same local network. According to Microsoft, the issue was due to incorrect access control in the Windows SMB client.

Earlier this month, the company rolled out several security fixes for the Microsoft Edge browser that were previously released by the Chromium project. One of these vulnerabilities, CVE-2025-5419, is a zero-day security flaw that was exploited before Google patched it. Users who are on the latest stable release (version 137.0.3296.62) are protected from these security flaws.