Microsoft has just released a new patch, and this time around, the update comes with fixes for several dangerous and actively abused vulnerabilities and exploits in Windows.
A total of 68 vulnerabilities were addressed in the patch, many of them critical. Here’s what was fixed and how to make sure your Windows device is up to date.
Microsoft regularly releases updates for Windows 11 and Windows 10, but this time around, it seems to have addressed a large number of pressing issues that could have put your computer at risk. As part of this month’s Patch Tuesday, a total of 68 flaws were fixed, and 11 of those are classified as critical. According to Bleeping Computer, those critical flaws allowed potential attackers to remotely execute malicious code, as well as elevated privileges, within the system.
Broken down into various categories, Microsoft’s latest update contains 27 vulnerabilities related to the elevation of privileges, 16 that allowed remote code execution, 11 that disclosed information, six denial of service vulnerabilities, four that let the attacker bypass security features, and three related to spoofing.
Perhaps more importantly, the patch fixes six zero-day vulnerabilities that were being actively exploited. According to Microsoft’s classification, a vulnerability is referred to as “zero-day” if it is actively exploited and/or known to the public, but doesn’t have an official fix yet.
The first of the exploits required that users with an affected version of Windows access a specific server. While there would be no way for the attacker to execute this exploit without the victim visiting a malicious server or website, once they did, the hacker would be granted remote code execution privileges. Another vulnerability granted attackers the ability to bypass Mark of the Web (MOTW) defenses, causing a lack of availability of several security features, including Protected View in Microsoft Office.
A couple of the other zero-day vulnerabilities granted system privileges, and that can lead to a complete loss of control over your PC. You can check out a full list of fixed issues here, courtesy of Bleeping Computer.
All in all, this seems like a patch that you don’t want to miss. The update should be rolling out to Windows users, and whether you’re using Windows 11 or Windows 10, you can head on over to your Windows Update and download it. There is also a longer guide on how to perform the update.
A simple way to do this is by clicking on the Windows icon in the bottom-left corner of your screen and typing in Windows Update, then clicking Check for updates. Next, click the button that lets you check for updates and download the new patch. If nothing is available yet, make sure to check back shortly — not all users always get every update at the same time.
- Hackers just stole LastPass data, but your passwords are safe
- Hackers’ Cyber Monday deals will be unbelievably good
- Windows 11 vs. Windows 10: Finally time to upgrade?
- Hackers sink to new low by stealing Discord accounts in ransomware attacks
- The most common Wi-Fi problems and how to fix them