You Need to Update Your Windows Computer Immediately
As long as there are computers, there will be bugs crawling inside them. You know, metaphorically. Lucky for us Windows users, Microsoft just squashed another batch of them. If you are using a PC and have not yet installed this update, you will want to do so immediately.
As reported by Bleeping Computer , Microsoft released the March 2022 Update on Patch Tuesday. The update contains fixes for 71 known vulnerabilities, ranging from issues such as privilege escalation, denial of service, and spoofing. In addition, the company has fixed 21 Chromium vulnerabilities for Microsoft Edge.
Fixing security flaws is always important, and you should install every patch to protect yourself from any issues identified by Microsoft. However, this time around, there are three flaws that are potentially more dangerous than the others:
- CVE-2022-21990 – Remote Desktop Client Code Execution Vulnerability
- CVE-2022-24459 – Windows Fax and Scan Service Elevation of Privilege Vulnerability
- CVE-2022-24512 – Remote Code Execution Vulnerability in .NET and Visual Studio
These three entries are known as zero-day vulnerabilities, which means that the flaws have been publicly identified as known threats. Unlike other issues fixed by Microsoft, these vulnerabilities were known to everyone who paid attention to them, which meant that attackers could find a way to exploit them. While Microsoft says none of the vulnerabilities were actively exploited, the company acknowledged the existence of experimental exploits for CVE-2022-21990 and CVE-2022-24459.
According to Bleeping Computer, Microsoft believes that these two other vulnerabilities could also be exploited in due course:
- CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution Vulnerability
- CVE-2022-23277 – Remote Code Execution Vulnerability in Microsoft Exchange Server
Security patches are a double-edged sword (a lot of weight, of course, is on the side of good). On the one hand, Microsoft fixes security issues that could theoretically be used against you. On the other hand, now that all bugs have been found and fixed, attackers can take a closer look at them and come up with ways to harm users who have not yet updated.
This makes it mandatory to update your PC as soon as possible.
How to update your computer to install the latest security patches
Windows can simply tell you that you have an update available and start installing it automatically. If not, you will need to manually check for updates to get things moving forward.
To do this, go to Start > Settings > Update & Security > Windows Update (Windows 10) or Start > Settings > Windows Update (Windows 11). From here, Windows may take some time to check for available updates. If a patch is available, you will see it here. You can then simply follow the on-screen instructions to download and install the update on your computer.
[ BleepingComputer ]