Leave a comment

Windows security fixes you can't afford to skip

Windows security fixes you can't afford to skip
© Alexmillos | Dreamstime.com

After postponing February's Patch Tuesday updates due to a "last minute" issue, Microsoft finally released the patches for the two zero-day flaws that were expected to have been fixed last month.

Patch Tuesday is the unofficial term for the second Tuesday of each month when Microsoft and Adobe usually release updates and fixes for their line of software.

In 18 security bulletins rolled out for March 2017, Microsoft stated it has patched dozens of vulnerabilities, eight of them rated critical.

One of the patches (MS17-012) is a fix for a zero-day flaw in Windows's SMB file-sharing protocol that could potentially crash systems via a denial-of-service attack, at the very least.

Another zero-day flaw patch (MS17-013) concerns a publicly disclosed Windows graphic bug that Google's Project Zero team shared with Microsoft six months ago.

A cumulative security update (MS17-006) for Internet Explorer was also issued. This has fixes for four publicly disclosed Internet Explorer bugs - a privilege escalation flaw (CVE-2017-0154), an information disclosure bug (CVE-2017-0008) and two browser spoofing vulnerabilities (CVE-2017-0012 and CVE-2017-0033).

Microsoft Edge browser fixes were also issued in a separate bulletin (MS17-007) with patches for 32 vulnerabilities including the same publicly disclosed bugs in Internet Explorer. Additional patches for Edge include fixes for memory corruption flaws and three browser spoofing issues that are likewise publicly known.

Other critical bulletins include patches for flaws in Hyper-V, (MS17-008), the Windows PDF Library (MS17-009), the Windows SMB server (MS17-010), and Uniscribe (MS17-011).

Adobe Flash Updates

In related news, Adobe also issued its own set of Patch Tuesday updates for its software offerings.

This month's Adobe updates include patches for eight Flash Player vulnerabilities, seven of them rated critical. If you're still using Flash, it is recommended that you update immediately to version 25.0.0.127 since these flaws can lead to remote code execution.

How to update Windows

Most Windows machines are set to download and install updates automatically by default. If you haven't changed your automatic update settings then you should be fine.

But if you want to check, here's how:

Automatic Windows updates

 

On Windows 10, click Start (Windows logo), choose "Settings," select "Update & Security," then on the "Windows Update" section, click on "Advanced Options." (Note: the "Windows Update" section is also handy for showing you updates that are currently being downloaded or applied.) Under "Advanced Options," just make sure the drop down box is set to "Automatic."

If you have an older Vista or Windows 7 system, check out our tips on how to set up and check Windows Updates.

Update Flash

For Chrome, Internet Explorer 11, and Microsoft Edge browsers, the updates should be applied automatically after a restart. For other browsers, you may need to update the Flash plugin manually.
--> Click here to use our Adobe Flash Update Tool guide for download and install instructions.

The latest Flash Player version for Windows, Mac, Chrome, Microsoft Edge and Internet Explorer 11 and Linux is 25.0.0.127.

Don't be fooled by this Nintendo Switch scam
Previous Happening Now

Don't be fooled by this Nintendo Switch scam

Strangest Amazon Alexa hack yet!
Next Happening Now

Strangest Amazon Alexa hack yet!

View Comments ()