On many occasions, security flaws appear that can compromise our devices. They can affect operating systems like Windows, applications, drivers. It is important to always correct them and prevent hackers from having a choice. In this article we echo the latest and important vulnerabilities that Windows has corrected. We’re going to explain why you should upgrade ASAP.
Microsoft fixes numerous bugs
Since Microsoft they have released security patches to fix a total of 121 bugs. One of these flaws, they indicate, is being exploited and that makes it even more important to correct it as soon as possible. It is a vulnerability registered as CVE-2022-34713, with a score of 7.8, which allows remote code execution and affects the Microsoft Support Diagnostic Tool.
According to reports, for this vulnerability to be executed, the user must open a specifically designed file. For example, through email an attacker could send a file and convince the victim to open it. From there someone could exploit this bug.
Another option is to sneak a malicious file through a web page. They can somehow invite the victim to click on a website and end up downloading a file. With this, the attacker would gain control.
Going back to the 121 bugs that Microsoft has fixed, 17 of them are rated as critical, 102 are important, one is moderate, and one is low risk. All of these security flaws can compromise your Windows system, so it’s a good idea to fix them.
In addition, Microsoft has resolved three privilege escalation bugs in Exchange, which could be exploited and put messages and attachments at risk. These are vulnerabilities that should also be taken into account and corrected. These three flaws are:
- CVE-2022-21980
- CVE-2022-24477
- CVE-2022-24516
What to do to protect Windows
As you can see, Microsoft has released a series of patches to correct numerous vulnerabilities. Some of them are classified as critical and can really be exploited and pose a significant security problem. This means that we must take action as soon as possible.
The first thing you need to do is to properly update Windows. To do this you can go to Start, enter Settings and go to Windows Update. There it will show you possible updates that are pending. It is important that you do not leave any files uninstalled and that the entire update completes successfully.
On the other hand, you have seen that some of these vulnerabilities are exploited by attackers through mistakes they cause the victim to make. For example, downloading an attached file that arrives by mail or downloading it from a web page that is actually a fraud. In this case, what you should do is maintain common sense and not make mistakes of this type.
Likewise, to further increase the security of Windows, it is interesting to have a good antivirus. There are many options, both free and paid, and you should always choose one with guarantees, one that works correctly and allows you to improve network security and avoid problems.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.