Update Windows Now to Fix These Security Vulnerabilities
In an ideal world, software should not have security vulnerabilities. The code must be written perfectly, eliminating any bugs or glitches in the system that could be exploited for hacking or other malicious purposes. No matter how hard the developers try to make this a reality, the truth is that we will always have imperfect software, which means that we will always have new security vulnerabilities to find and fix. Microsoft has such a patch for Windows PC right now and you should install it ASAP.
As reported by Bleeping Computer , Microsoft released the “Patch Tuesday” update for this month yesterday, Tuesday, June 14th. One would expect a Patch Tuesday update from Microsoft, but it fixes some serious bugs that you shouldn’t ignore. There are 55 patches in total, but three of them are marked as “Critical”: these vulnerabilities allow remote code execution, which allows attackers to manipulate and run programs on your computer. Three critical security vulnerabilities:
- CVE-2022-30163 : Windows Hyper-V remote code execution vulnerability.
- CVE-2022-30139 : A Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability.
- CVE-2022-30136 : A remote code execution vulnerability exists in the Windows Network File System.
In total, this update fixes 27 remote code execution vulnerabilities, 12 privilege escalation vulnerabilities, 11 information disclosure vulnerabilities, three denial of service vulnerabilities, one spoofing vulnerability, and one security feature bypass vulnerability. Click here for a complete list of these vulnerabilities and their IDs.
However, the biggest fix this time around is the patch for the zero-day vulnerability known as Follina. This vulnerability, identified as CVE-2022-30190 , was discovered last month: it allowed attackers to execute PowerShell commands on victims’ computers from a simple, malicious Word document. These documents can be sent through normal channels such as email, and when opened by an unsuspecting user, the sender can exploit a PowerShell vulnerability using the Windows Microsoft Diagnostic Tool (MSDT).
According to Bleeping Computer, this exploit was used to attack US government agencies, Ukrainian media, and distribute QBot malware. Its inclusion on June 2022 Patch Tuesday makes it a must-have. Interestingly, though, last month’s May security patch actually put out more fires than this June update: Tuesday’s latest patch fixed 75 common flaws with three zero-day exploits.
How to update Windows to get the latest patches on your computer
Your computer may automatically install these security updates. However, to make sure they are installed as quickly as possible, select Start > Settings > Update & Security > Windows Update (Windows 10) or Start > Settings > Windows Update (Windows 11). Allow Windows to check for available updates: If a fix is available, you’ll see it here. You can then simply follow the on-screen instructions to download and install the update on your computer.