Microsoft Issues Serious Windows 10 Upgrade Warning
Windows 10 users, it’s time to pay attention because Microsoft has announced a critical update warning and you need to act.
In the company’s new Windows 10 ‘Patch Tuesday’ update, Microsoft revealed fixes for an eye-opening 117 security holes. 103 of these flaws are classified as ‘Important’ and 13 are deemed ‘Critical’ (including a further fix for the infamous PrintNightmare exploit). Furthermore, Microsoft confirms four of the critical flaws are under active attack by hackers.
“This volume of fixes is more than the last two months combined,” notes the Zero Day Initiative (ZDI), a global community of independent security researchers. ZDI also highlights the four actively exploited attacks for particular attention: CVE-2021-34527 (PrintNightmare), CVE-2021-34448 (a memory corruption vulnerability) and CVE-2021-31979 and CVE-2021-33771 (both elevation of privilege attacks) which are the most serious type of hack a Windows user can face.
In addition to critical flaws, there is a further interesting exploit of note. CVE-2021-34466 is a hack for Windows Hello, Microsoft’s popular login system that uses fingerprints and facial recognition. Microsoft’s own figures state that approximately 85% of all sign-ins to Windows 10 devices currently use Windows Hello.
“Our findings show that any USB device [such as a webcam] can be cloned, and any USB device can impersonate any other USB device… The OS cannot validate such a device’s authenticity, at least not according to the USB specification,” states CyberArk Labs, the security research team which discovered the bug. This suggests we can expect further hacks of Windows Hello in future.
To download the latest Windows 10 patches, users should follow these steps:
- Windows Settings > Updates & Security > Windows Update.
- Click “Check for updates”
- Watch that a new July patch starts installing
- Restart your computer afterwards
Hackers appear to have declared open season on Windows 10 this month, so I would advise all Windows 10 users to download these updates as a matter of priority.