Microsoft has revealed that it has found a number of critical security vulnerabilities in Windows 11, in addition to different variations together with Windows 10.The revelations got here as half of January 2023’s ‘Patch Tuesday’ – the day of the month that Microsoft releases a swathe of patches to repair points in its software program.
While many of the vulnerabilities, which don’t simply have an effect on new variations of Windows, but in addition older variations reminiscent of Windows 8, Windows 7 and Windows Server 2019, have been mounted with patches, six of the threats have been highlighted as zero day threats.While many security vulnerabilities are fortunately discovered and glued earlier than malicious customers discover and exploit them, zero day threats are vulnerabilities which might be already out within the wild, which implies they're significantly worrying.In complete, Microsoft introduced the existence of 97 new exploits – which is definitely a troubling quantity. As a report in Forbes explains, Microsoft has restricted the details about the zero day exploits to guarantee it has time to tackle them earlier than they're exploited. Microsoft believes that to date, there haven't been any assaults utilizing the vulnerabilities. Obviously, although, time is of the essence.The zero day vulnerabilities are:
- Critical - CVE-2021-22947 - Open Source Curl Remote Code Execution Vulnerability
- Important - CVE-2021-36976 - Libarchive Remote Code Execution Vulnerability
- Important - CVE-2023-21919 - Windows User Profile Service Elevation of Privilege Vulnerability
- Important - CVE-2023-21836 - Windows Certificate Spoofing Vulnerability
- Important - CVE-2023-21874 - Windows Security Center API Remote Code Execution Vulnerability
- Important - CVE-2023-21839 - Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability (restricted to Windows 10 and Windows Server 2019)
Of the 97 vulnerabilities, eight are labeled as ‘critical’, with 88 labeled as ‘important’. This means they're significantly harmful, so customers ought to be sure that they're protected in opposition to them as quickly as doable.
What ought to you do?
Microsoft’s warning is definitely troubling, however there’s no need to panic, so long as you take some precautionary steps. While the zero day threats are within the wild, they’ve not been used and Microsoft is actively engaged on fixes.Meanwhile, it has additionally created patches for a lot of of the opposite vulnerabilities. So, the perfect factor you can do proper now's be sure that Windows 11 (or whichever model you have put in) is up to date with the most recent security patches.They ought to download mechanically, and If that’s the case you may even see a immediate within the taskbar to restart your PC. You may additionally discover when you go to flip off your PC that there are alternatives to ‘Update and restart’ and ‘Update and shut down’ – be sure that you choose one of these.You also needs to test to be sure that there aren't any updates ready for you. To do this, open up Settings and go to Windows Update > Check for Updates. If any are discovered, download and set up them.If you have any anti-virus or anti-malware software program put in, be sure that they're up to date as properly.
Hopefully Microsoft will proceed to examine and repair these vulnerabilities ASAP.
