Delaying Your Windows Updates? You Probably Shouldn’t
Windows 11
We’ve all been there—the Windows update notification pops up, and we click “Remind Me Later.” But later may be too late. Learn why it’s important to update to maintain your PC’s security.
Updates Are Critical to Your Security
Windows updates aren’t just important because they come with functional and compatibility improvements; they also provide security patches. Security patches fix bugs that could allow hackers to gain access to your system, steal your sensitive information, or hold your data ransom.
Once your system is infected by a malicious threat, most do not just take what they want and get out. Many malware strains can live on your system and steal information over long periods of time. Neglecting to install updates can result in long-term infections.
Let’s take a look at an update from October 2024 to highlight exactly why timely updates are so critical.
What’s at Risk And Why You Should Act Now
Microsoft rolled out its October 2024 update and fixed 117 vulnerabilities. Out of these 117 vulnerabilities, there are two zero-days actively being exploited in the wild.
The first, identified as CVE-2024-43572, is a remote code execution vulnerability that affects the Microsoft Management Console (MMC), which means that a hacker could send specially crafted files or requests to execute arbitrary code on machines and trick you into running a malicious file.
The latter, CVE-2024-43573, is a vulnerability in the Windows MSHTML Platform (also referred to as Trident), the browser engine used by Internet Explorer and other legacy applications. It is a spoofing vulnerability, which means it impersonates legitimate services to gain user confidence. Hackers can potentially trick you into visiting malicious websites or opening malicious files to steal your private information.
There’s also another vulnerability that affects IT teams. Identified as CVE-2024-43468, it has a severity rating of 9.8/10, and an “update now” warning sign. It affects Microsoft’s Configuration Manager, a tool that helps IT teams manage large groups of computers, by allowing hackers to potentially execute arbitrary code remotely. Fortunately, it’s not a cause for concern for the average Windows user.
But What Could Happen if This Vulnerability Is Exploited?
If the above vulnerability is exploited, a hacker could:
- Execute malicious code to gain access and control over systems and underlying databases where personal and sensitive data is stored.
- Install malicious software or change security configurations to other systems.
- Infect the network and compromise other devices connected to that network.
With its high severity rating, it requires no user interaction and is considered low complexity, meaning it can spread quickly through a network if exploited.
How to Update Windows PC
To update your PC, click the Start button at the bottom of your screen and type Settings into the search bar. Select “Settings” from the results. Alternatively, you can quickly open the Settings app by pressing Windows+i on your keyboard.
Once the Settings window is open, go to “Windows Update” and select “Check for Updates” to see if any updates are available for your PC and begin the update process. If this fails, you can manually update your PC.
For more detailed information about these vulnerabilities and security updates, you can refer to Microsoft’s official security documentation.