Why Today’s Patch Tuesday Is so Important for Windows Users
If you are a Windows user, all Patch Tuesdays should be important, except when Microsoft runs a patch and actually makes your Windows system worse than it used to be. Getting the latest features and security updates for your system – mostly the latest – should be something you look forward to every month. But today’s patch Tuesday is even more important than many others.
First, if you’re still clinging to Windows 7 , know that today marks the last patch Tuesday you’ll ever experience. Unless Microsoft backs down and decides to release future fixes when huge vulnerabilities are discovered, this is the last round of security updates you will receive for your operating system. Make sure you install them, because from now on you are on your own.
Windows 10 users have a vulnerability that needs to be fixed
Today is also a big day for the rest of you, as Microsoft is supposedly fixing a fairly large security vulnerability affecting Windows 10 and Windows Server 2016. The company has alerted a number of large organizations in advance to this issue, including the United States. military. And it looks like the fixes they received (before you) came with a “do not disclose” clause, since until now no one has spoken openly about the vulnerability.
The vulnerability in question affects the crypt32.dll Windows module . As security expert Brian Krebs describes:
“A critical vulnerability in this Windows component could have serious security implications for a number of important Windows features, including authentication to Windows desktops and servers, the protection of sensitive data processed by Microsoft Internet Explorer / Edge browsers, and a number of third-party applications and tools.
Equally important, the crypt32.dll vulnerability can also be exploited to forge a digital signature associated with certain software. This vulnerability could be exploited by attackers to present malware as a harmless program created and signed by a legitimate software company. ”
Sounds serious? The curious thing about this vulnerability is the amount of controversy over whether this is really a big deal or not.
As far as I understand, the vulnerability lays the foundation for future attacks, and is not something that attackers actively exploit at the present time. In other words, I would not stop there, to immediately update your home system, once the fall of the second patch Microsoft – that has already happened, if you are reading this (KB4528760 through Windows Update). But don’t waste your time.
And just in case, if Microsoft’s first Tuesday of the year of patching has issues of the year, you can always take advantage of the ultra-secure way to back up your system before installing today’s updates. Whether you just want to save important files elsewhere or create a complete disk image is up to you – it depends on how much you trust Microsoft and its patching process (and whether Microsoft will allow you to rollback this update if anything something goes wrong. haywire).