In an ideal world, software is not a security vulnerability. The code is completely written and omits system bugs and glitches that could be used for hacking or other malicious purposes. It’s as difficult as a developer trying to do that, but the truth is that we always have incomplete software. This means that there are always new security vulnerabilities to discover and patch. Microsoft is currently making such patches available on Windows PCs and should be installed as soon as possible.
Bleeping Computer reportsMicrosoft issued that PYesterday, catch the update for Tuesday this month on Tuesday, June 14th. Microsoft PWe may expect an update on Tuesday, but we’ll patch some serious bugs that shouldn’t be ignored. There are a total of 55 patches, three of which are labeled “critical”. These vulnerabilities allow remote courts to be executed, allowing a malicious attacker to manipulate and run programs on a computer. The three critical security vulnerabilities are:
- CVE-2022-30163: WindowsHyper-V Remote Code Execution Vulnerability.
- CVE-2022-30139: Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability.
- CVE-2022-30136: Windows Network File System Remote Code Execution Vulnerability.
This update includes 27 remote code execution vulnerabilities, 12 privilege escalation vulnerabilities, 11 information disclosure vulnerabilities, 3 denial of service vulnerabilities, and 1 spoofing vulnerability. There is one security feature bypass vulnerability.You can do it Click here to see the complete list Of these vulnerabilities and their identifiers
However, this biggest fix is a patch for a zero-day vulnerability known as Follina. This vulnerability CVE-2022-30190, Discovered last month. This allowed a malicious attacker to execute a PowerShell command on the victim’s machine from a simple, malicious Word document.These documents can be shared via regular channels such as email and allow the sender when opened by an unsuspecting user. To exploit a PowerShell vulnerability through the Windows Microsoft Diagnostic Tool (MSDT).
According to Bleeping Computer, this exploit was used to attack U.S. Government agencies, Ukrainian media organizations, and distribution of QBot malware. You will need to install this update as it is included in the June 2022 patch on Tuesday. But interestingly last monthMay security patch In fact, there were more fires than this June update. The last patch on Tuesday addressed a total of 75 defects with three zero-day exploits.
How to update Windows to install the latest patches on your PC
Your PC may install these security updates automatically. However, to get it installed as soon as possible, please visit the following URL: [スタート]>[設定]>[更新とセキュリティ]>[WindowsUpdate] (Windows 10) or Start> Settings> Windows Update (Windows 11). Allows Windows to check for available updates. If a patch is available, it will be displayed here. Then follow the on-screen instructions to download and install the update on your machine.
Update Windows Now to fix these security vulnerabilities
Source link Update Windows Now to fix these security vulnerabilities