Long-awaited feature is finally here: Microsoft Patch Day brings tabs to Windows Explorer


But no matter which version of Windows 10 or 11 you are using, you should import the updates promptly, because there are some critical security gaps that are already being used for attacks.

Two of them affect Exchange Server and thus hit problem areas for administrators. Another critical bug exploits an error in Windows scripting. It is thus possible to run any code on computers via specially prepared websites. Microsoft does not say how often this type of attack is already being used.

But there are other security gaps that affect all Windows users and are already being used: Windows should treat downloaded files with particular security, but a bug classified as important allows the labeling of downloads to be manipulated.

A vulnerability in the printer service and a problem with the management of cryptographic keys are also exploited. Both are used to gain extended privileges on attacked systems. This blog post provides a list of all addressed security gaps.



Source link -61