Photo: Thannaree Deepul (Shutterstock)
Cybersecurity is constantly in the news, and for good reason. Bad actors are always on the lookout for vulnerabilities in software to exploit for personal gain: Your PC, running Windows and an assortment of apps, is in the crosshairs, so when Microsoft drops updates to patch security flaws and vulnerabilities as they’ve done this month, you should install them as soon as possible.
These latest security updates from Microsoft patch a staggering 128 security vulnerabilities in not just Windows, but other programs, including Office, Skype for Business, Edge, Defender, Exchange Server, and more. While the number of vulnerabilities is concerning, what’s more concerning are the two zero-day vulnerabilities this update patches, including one actively exploited flaw.
Identified as CVE-2022-24521, the actively exploited flaw is an elevation of privilege vulnerability in the Windows Common Log File System. According to Microsoft, this vulnerability has already been exploited in the wild, which is bad news for any PC that hasn’t installed this patch yet: Any bad actors that know how to exploit this flaw could, theoretically, use it against your system, which is why it’s important to update ASAP.
The other major flaw of concern is CVE-2022-26904, another privilege-escalation vulnerability, this time concerning the Windows User Profile Service. Unlike the previous vulnerability, this flaw doesn’t appear to have been exploited yet, but it is publicly known, meaning an exploit could happen at any time.
While these two zero-day vulnerabilities are the highlights of these new updates, the other 126 flaws shouldn’t be ignored, either. In total, Microsoft has rated 10 flaws “Critical,” 115 “Important,” and three “Moderate.” In order to protect your PC from all 128 flaws, make sure to install the security updates soon.
G/O Media may get a commission
23% Off
Shark Ion Robot Vacuum
Keep it clean
Features three different brush types, learns the layout of your home to avoid getting stuck and damaging things, and can be controlled via an app on your phone.
How to update your PC to install the latest security patches
It’s possible Windows will give you a heads up about these new updates, and then begin installing them automatically. However, if not, you’ll need to install them manually from Settings.
Go to Start > Settings > Update & Security > Windows Update (Windows 10) or Start > Settings > Windows Update (Windows 11). Allow Windows to check for any available updates. If the patch is available, you’ll see it here. Then, you can simply follow the on-screen instructions to download and install the update to your machine.
[The Hackers News]