Windows 10 and Windows 11 users, it’s time to take action. Microsoft has confirmed multiple new vulnerabilities in its operating systems, including several which it admits are already known to hackers.
Multiple new security threats have been found in Windows
Microsoft disclosed the news as part of a massive March 2022 ‘Patch Tuesday’ update, which revealed a total of 71 new flaws. Three of these are ‘zero day’ hacks, which means the vulnerabilities have become public knowledge before Microsoft was able to patch them. Windows 8, Windows 10 and Windows 11 as well as Windows Server 2019 and 2022 are all affected.
In line with protocol, Microsoft is restricting information about all the new exploits to try and buy Windows users time to upgrade. I have highlighted the three zero days below, as well as the danger level Microsoft assigned to them (out of 10) using the Common Vulnerability Scoring System (CVSS).
Microsoft states that there are already public proof-of-concept exploits for CVE-2022-21990 and CVE-2022-24459 but they have yet to be used in an attack against Windows users. Something which makes protecting yourself all the more pressing.
Microsoft states it is now rolling out fixes to all Windows users, but if you want to jump the queue, you should be able to trigger them manually by going to: Settings > Windows Update > Check For Updates.
Microsoft’s security patches have had a troubled recent history following several botched zero-day patches. That said, there have been relatively few zero-day hacks so far in 2022 — until now.
Microsoft February 2022 ‘Patch Tuesday’ Fixes Numerous Windows 10, Windows 11 Exploits
Microsoft January 2022 ‘Patch Tuesday’ Fixes 97 Vulnerabilities, Six Zero-Day