Skip to main content
  1. Home
  2. Computing
  3. News

Update Windows now — Microsoft just fixed several dangerous exploits

Add as a preferred source on Google

Microsoft has just released a new patch, and this time around, the update comes with fixes for several dangerous and actively abused vulnerabilities and exploits in Windows.

A total of 68 vulnerabilities were addressed in the patch, many of them critical. Here’s what was fixed and how to make sure your Windows device is up to date.

Person sitting and using an HP computer with Windows 11.
Microsoft

Microsoft regularly releases updates for Windows 11 and Windows 10, but this time around, it seems to have addressed a large number of pressing issues that could have put your computer at risk. As part of this month’s Patch Tuesday, a total of 68 flaws were fixed, and 11 of those are classified as critical. According to Bleeping Computer, those critical flaws allowed potential attackers to remotely execute malicious code, as well as elevated privileges, within the system.

Recommended Videos

Broken down into various categories, Microsoft’s latest update contains 27 vulnerabilities related to the elevation of privileges, 16 that allowed remote code execution, 11 that disclosed information, six denial of service vulnerabilities, four that let the attacker bypass security features, and three related to spoofing.

Perhaps more importantly, the patch fixes six zero-day vulnerabilities that were being actively exploited. According to Microsoft’s classification, a vulnerability is referred to as “zero-day” if it is actively exploited and/or known to the public, but doesn’t have an official fix yet.

The first of the exploits required that users with an affected version of Windows access a specific server. While there would be no way for the attacker to execute this exploit without the victim visiting a malicious server or website, once they did, the hacker would be granted remote code execution privileges. Another vulnerability granted attackers the ability to bypass Mark of the Web (MOTW) defenses, causing a lack of availability of several security features, including Protected View in Microsoft Office.

A couple of the other zero-day vulnerabilities granted system privileges, and that can lead to a complete loss of control over your PC. You can check out a full list of fixed issues here, courtesy of Bleeping Computer.

How to make sure your Windows is up to date

Windows 11 version 22h2 update.
Digital Trends

All in all, this seems like a patch that you don’t want to miss. The update should be rolling out to Windows users, and whether you’re using Windows 11 or Windows 10, you can head on over to your Windows Update and download it. There is also a longer guide on how to perform the update.

A simple way to do this is by clicking on the Windows icon in the bottom-left corner of your screen and typing in Windows Update, then clicking Check for updates. Next, click the button that lets you check for updates and download the new patch. If nothing is available yet, make sure to check back shortly — not all users always get every update at the same time.

Monica J. White
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
Study finds humans will talk to AI ghosts of the dead as reincarnations, and it’s pretty grim
The first AI ghost study is in. The results are about as complicated as you'd expect.
VR Headset, Person, Face

A new study from the University of Colorado Boulder confirms something that sounds both impressive and concerning. People find interacting with AI simulations of their dead loved ones deeply meaningful, and most will come away wanting to do it again.

The researchers call it a "generative ghost," which is a clear reference to generative AI, but I’d still prefer to call it unsettling.

Read more
Apple’s Hide My Email feature has an unfixed bug that leaves email addresses exposed
100% exploitable in limited testing, known since June 2025, and still unfixed as of today.
apple-merging-sign-in-with-apple-hide-my-email-icloud+

Apple has been selling Hide My Email to keep your real email address hidden, but it has a vulnerability that does the exact opposite. The worst part is that the company has known about it for a year. 

Hide My Email, part of Apple’s paid iCloud+ subscription, lets users generate anonymous email addresses for signing up to a website, so that their personal or work email remains free of promotional emails and spam. 

Read more
I hate sharing my Mac, but a face-unlocking app finally cured my privacy paranoia
Someone finally built the app locker every Mac user has been asking for.
FaceGate in action on Mac

If you have ever handed your Mac to a friend, family member, or coworker for "just a minute," you know the mild panic that follows. Sure, your Mac has a lock screen, but once someone is past it, they can open Messages, Photos, Notes, Mail, WhatsApp, and your browser.

iPhones had the same issue, but Apple solved it by adding an app lock feature with the iOS 18 update. Sadly, no such feature exists for macOS. That’s where the new FaceGate app for Mac can help you. It’s a free and open-source app that lets you lock apps on your Mac and even has some novel tricks up its sleeve. So, let’s talk about it, shall we?

Read more