The standard updates your personal computer gets may seem annoying occasionally, but theyre critical to help keep your personal computer safe online. Just to illustrate: Microsoft has released a patch for a zero-day vulnerability affecting all Windows computers.
The most recent security update by Microsoft affects every recent version of Windows. Its currently rolling out to Windows 11, 10, and 8/8.1, in addition to all Windows Server versions heading back to Windows Server 2008. Its also rolling out to Windows 7, despite the fact that security updates were supposed to end on January 14, 2020.
The vulnerability involved is defined as CVE-2022-37969, and its own a bug which allows for elevation of privilege in the Windows Common Log File System Driver, which an attacker can exploit to acquire system-level privileges on a vulnerable device. The attacker would want usage of a compromised machine and the capability to run code onto it, which means this vulnerability could possibly be exploited through something similar to a virus or an otherwise malicious file.
Microsoft gave credit to four different teams of researchers from CrowdStrike, DBAPPSecurity, Mandiant, and Zscaler for reporting the problem, perhaps signaling that vulnerability had been being exploited in the open something that may possibly also explain the urgency towards fixing the problem on even deprecated, unsupported os’s like Windows 7.
The security patch is rolling out to PCs now, so ensure that you update your personal computer once you get yourself a chance.