Security updates are crucial to install as soon as they become available. When an update appears on your smartphone or computer, it’s essential to patch the discovered security issues. For PC users, it’s particularly important to install the latest security update, containing nearly 100 patches, including one for an actively exploited vulnerability.
Patching a multitude of flaws
Microsoft’s latest update includes patches for an astonishing 97 security flaws, as reported by The Hacker News. Security vulnerabilities vary in severity, with seven flaws in this update rated as “Critical” and the remaining ones classified as “Important.” An update for PCs is crucial to address these issues. While you can’t choose which patches to install, it’s useful to be aware of the most serious flaws.
This update features patches for 45 remote code execution flaws, allowing bad actors to run any code on your machine, and 20 elevation of privilege flaws, granting bad actors access to system controls reserved for administrators. The full count of vulnerability types is as follows:
- 45 remote code execution vulnerabilities
- 20 elevation of privilege vulnerabilities
- 10 information disclosure vulnerabilities
- 9 denial of service vulnerabilities
- 8 security feature bypass vulnerabilities
- 6 spoofing vulnerabilities
However, one flaw stands out as the most severe: CVE-2023-28252. Microsoft confirmed that this zero-day vulnerability is actively exploited, meaning bad actors have already used it to target and attack Windows users. Microsoft states that “an attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” essentially allowing them to take control of your PC.
Identifying the exploiters
While it’s often unclear who actively exploits specific security flaws, this case is different. Cybersecurity firm Kaspersky identified a cybercrime group using this exploit to launch ransomware attacks on businesses across Asia, the Middle East, and North America. Even the Cybersecurity and Infrastructure Security Agency (CISA) has ordered its agencies to patch this vulnerability by May 2.
Update PC with the latest security patch on Windows
To install this latest security update and patch these 97 vulnerabilities, ensuring your PC stays protected, follow these steps:
For Windows 11: Go to Start > Settings > Windows Update.
For Windows 10: Go to Start > Settings > Update & Security > Windows Update.
{{user}} {{datetime}}
{{text}}