Microsoft has released its latest patch Tuesday update, and you can see that 61 reports of these 61 security flaws as news of hackers
, including two zero-day hackers they have been exploited in the wild, one has been given a critical severity rating. 59 is rated as important and one has a moderate rating. If you want to take a closer look at each of these flaws, Microsoft has details such as a common vulnerability and Exposure (CVE) number, its severity rating, and whether it is currently being exploited or may be exploited in the future in the 2024-5 Security Update Guide.
If you are using one of the best Windows laptops or desktop computers running Windows, it is very likely that you are in the wild
Here are two zero-day fixes in this round of patches Tuesday updates along with tips on how to keep your Windows PC safe from hackers.
While most of these flaws are unlikely to be exploited by hackers in an attack, Microsoft, along with several cybersecurity companies, has observed that 2 of them have already been weaponized.
1 is a vulnerability in Windows MSHTML platform security feature bypass with a CVSS score of 8.8 (out of 10) (tracked as cve-2024-30040), and 1 is a vulnerability in Windows Desktop Window Manager Core Library elevation of privilege with a CVSS score of 7.8 (tracked as CVE-2024-30051).
In the advisory, Microsoft first zero-day runs code on vulnerable Windows PCs by persuading the victim to open a malicious document This malicious document may be included in a phishing email or sent as a message. Surprisingly, the victim does not even need to click or open it in order for the malware to become active and infect the system.
This round of patches A second zero-day Microsoft fixed in Tuesday's update could allow attackers to gain system privileges. This flaw was discovered simultaneously by researchers from Kaspersky, DBAPPSecurity WeBIN Lab and Google's Threat Analysis group, so it is likely to be widely used in hacker attacks.
A Kaspersky security researcher explained in a blog post that he saw this zero-day being used with QakBot and other malware. As such, they "believe that multiple threat actors can access it.""Kaspersky also notes that if enough Windows users have time to update their PCs, how this zero-day is being leveraged in malware campaigns
just like the best phones, the easiest way to keep your PC safe from cyberattacks, malware and other threats is to run the latest software." It is important to make sure that you have the right tools and tools to use them.
To do this, click the Start menu, select Settings, and then go to Update and Security. From here, select Windows Update and click the Check for Updates option. If any updates are available, you should download and install them as soon as possible and this is the Microsoft Patch Tuesday Update
If you are having trouble keeping your Windows PC updated, there is everything you need to know about how to update Windows11 and how to update Windows10. You can also use the following methods: Speaking of Windows10, Microsoft's previous operating system will end support on 10/14 next year, so it's a great time to upgrade to Windows11 if you don't have it yet. However, if your PC does not meet your requirements, it may be worth checking out the list of the best computers and the best laptops to replace your current machine.
In addition to installing the latest Windows updates, you should also consider investing in the best antivirus software. Microsoft Defender is a built-in antivirus that is pre-installed on all Windows PCs, but it can't match the features and regular updates you get with paid antivirus software. That should be enough to protect most people, but if you want to add peace of mind, paid antivirus is the way to go.
As Patch Tuesday happens on the second Tuesday of each month, we probably have even more security flaws that are quickly discovered and patched in Windows
.
Comments