Strange IndiaStrange India

Microsoft pushed its March Patch Tuesday update yesterday to compatible PCs, and it’s not one you want to miss. This update addresses a substantial number of Windows security vulnerabilities: There are 61 patches in total here, two of which are labeled as “critical.” While it’s important to patch every security vulnerability a developer discovers, it’s particularly important to address the flaws that could put users at the most risk. 

The two critical flaws are tracked as CVE-2024-21407 and CVE-2024-21408. Both vulnerabilities affect Hyper-V, a “hypervisor” that can run virtual machines within Windows. (Essentially, that’s the ability to emulate a full computer within your computer.) The former flaw could enable remote code execution, in which a bad actor runs their own code on your machine, while the latter could enable a denial of service (DoS) situation, in which bad actors shut you out of your own network or machine.

Luckily, Microsoft did not disclose that these two critical security vulnerabilities had any active exploitation at this time. That said, the company did flag six of the flaws as “exploitation more likely“ which suggests that bad actors could potentially discover these vulnerabilities and figure out how to exploit them.

Those six flaws are:

  • CVE-2024-21433: Windows Graphics Component Elevation of Privilege Vulnerability

  • CVE-2024-21437: Windows Print Spooler Elevation of Privilege Vulnerability

  • CVE-2024-26160: Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

  • CVE-2024-26170: Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

  • CVE-2024-26182: Windows Kernel Elevation of Privilege Vulnerability

  • CVE-2024-26185: Windows Compressed Folder Tampering Vulnerability

Interestingly, neither of the two “critical” vulnerabilities were labeled this way.

How to install the latest Windows security patch on your PC

To be safe, it’s important that you update your PC as soon as possible. Whether you’re running Windows 11 or Windows 10, these security vulnerabilities pose a threat, as bad actors will discover how to exploit them in due time.

To update, head to Start > Settings > Windows Update (Windows 11) or Update & Security (Windows 10). Either way, click Check for updates. Once Windows recognizes the update, follow the on-screen instructions to install it.

Source link


Leave a Reply

Your email address will not be published. Required fields are marked *