1. A critical zero-click security flaw in all versions of Windows allows for wormable remote code execution; 2. Microsoft has assigned a severity score of 9.8/10 to CVE-2024-38063; 3. The vulnerability was discovered by Chinese researcher Xiao Wei and has been patched by Microsoft, along with other zero-day vulnerabilities.