Microsoft has just released updates to fix 108 software vulnerabilities. Windows currently hold a higher market of the operating system of about 87.56% which means a great number of users need to update their Windows 10 version as soon as possible. The updates tackle zero-day vulnerabilities which is a term used by Cyber Security.
The updates include over 100 vulnerabilities that fix things ranging from Exchange Server vulnerabilities to flaws in Microsoft Office products, Microsoft Edge, and Azure.
What’s Zero-Day Exploit?
A zero-day exploit is a cyber attack that occurs on the same day a weakness is discovered in software. At that point, it’s exploited before a fix becomes available from its creator.
Initially, when a user discovers that there is a security risk in a program, they can report it to the software company, which will then develop a security patch to fix the flaw. This same user may also take to the Internet and warn others about the flaw. Usually, the program creators are quick to create a fix that improves program protection, however, sometimes hackers hear about the flaw first and are quick to exploit it. When this happens, there is little protection against an attack because the software flaw is so new.
Organizations at risk from such exploits can employ several means of detection, including using virtual local area networks (LANs) to protect transmitted data, by making use of a firewall, and using a secure Wi-Fi system to protect against wireless malware attacks. Also, individuals can minimize the risk by keeping their operating systems and software up to date or by using websites with SSL (Security Socket Layer), which secures information being sent between the user and the site.
The Picture Below Explains How We Are Attacked Via Advertisement.
Kaspersky Cyber Security Solutions
“We believe this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits to escape sandboxes or get system privileges for further access. Unfortunately, we weren’t able to capture a full chain, so we don’t know if the exploit is used with another browser zero-day, or coupled with known, patched vulnerabilities.”
However, none of these are known to have been exploited in the wild. If you’re a Windows 10 user most updates should download automatically.
To Be On The Safe Side You Can Follow The Steps Below:
- Make sure to update your windows version by going into the Settings.
- Click on the update and security icon.
- Here you will be able to select the Windows Update option.
- You will also see an option about “Check for updates” And if there’s one available, select that option to update your windows automatically.
At least four issues were found in the Microsoft Exchange mail server. However, none of these are known to have been exploited in the wild. Microsoft further says Customers using Exchange Online are already protected and do not need to take any action.
Nothing stored on the internet or used via the internet is safe. Always be vigilant and make yourself up-to-date about security and privacy.
Do you know what’s Data Scraping? Read: What Is Data Scraping? How To Automatically Pull Data From A Website?