Skip to Content
© Fizkes | Dreamstime
Security & privacy

Patch to fix major security flaw in Windows isn’t working – here’s what to do

It’s not too often our intelligence services step into consumer affairs. Organizations like the CIA and NSA like to remain in the background — it’s how they catch spies and terrorists. But when a security flaw is dangerous enough, the equation changes.

For example, the NSA previously spoke out about an urgent Windows update that stopped BlueKeep, a dangerous security exploit that could let hackers take over computers worldwide. Tap or click to find out how bad this bug really was. And now, a new bug has prompted the NSA to urge Windows users to update immediately.

This patch fixes a critical flaw that affects 900 million devices. If unaddressed, your computer can be duped into thinking viruses are ordinary files. Unfortunately, the update didn’t roll out as smoothly as expected. But in true Microsoft fashion, the fix has a fix of its own. Here’s how you can safely update your PC.

Update your Windows 10 system immediately!

This week, Microsoft released a patch for a critical windows vulnerability with help from none other than the NSA. The announcement on the organization’s webpage explains the NSA discovered a dangerous flaw in Windows 10 that allows malware to masquerade as ordinary software.

Hackers can take advantage of the flaw, thanks to an issue with a part of Windows called CryptoAPI. This system component checks apps and programs for “developer signatures” that prove they come from trusted sources.

By exploiting the flaw, a hacker could spoof a piece of malware to make it look like a normal program. This would allow them to quietly and dangerously infect computers without users ever being aware something is wrong.

Related: Nearly 800 million Windows computers at risk

This fix was quietly shipped to users as part of Microsoft’s routine patching program, and is also available as a standard download via Windows Update. Unlike others before, this patch is the first in history to be credited to the NSA by Microsoft. A real-life spy organization is helping us make our computers safer.

Fixing the fix

Unfortunately, like several of Microsoft’s other fixes, the rollout didn’t quite go as planned. Upon downloading, users would be greeted by a variety of system errors, some of which include the following:

“We could not complete the install because an update service was shutting down”

“There were problems installing some updates, but we’ll try again later. 2020-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4528760) – Error 0x800f0988. Troubleshooter, sfc, dism don’t fix error.”

Thankfully, the issue is contained to Microsoft’s internal update process. This means users can still get the patch, but many will have to download it and install manually.

While it’s good there’s a workaround for this issue, it’s unfortunate that many of the world’s less tech-inclined users will miss out on a critical patch to protect their system until Microsoft straightens the bugs out.

How do I download this update from Microsoft?

Although the initial patch has some issues installing, it’s still worth attempting to install the traditional way. The majority of users experiencing issues are running Windows 10 builds 1903 and 1909, but others have seen success with their installs. For those of you at homes attempting to install the patch, try the method below first before moving to a manual install.

For the normal method, you can update your system by navigating to Settings and clicking Update & Security. In this menu, you can click Check for updates to see the latest patches available. Once the window populates with the latest patch, you can download it to install. Check the following numbers to make sure you have the correct patch:

KB4534306 base update
KB4534271 for Windows 10 Version 1607
KB4534276 for Windows 10 Version 1709
KB4534293 for Windows 10 Version 1803
KB4534273 for Windows 10 Version 1809
KB4528760 for Windows 10 Version 1903 and 1909

If you have issues installing, you’re likely running the versions we mentioned above (1903 and 1909). You’ll need to manually download the patch listed above for those versions from Microsoft’s website.

To install manually, tap or click here to visit the Microsoft Update Catalog. Then, enter KB4528760 into the search bar. Next, click Download next to the update version that’s compatible with your PC.

If you’re not sure which version you’re on, right-click the windows icon at the bottom left of the start menu bar and select Settings, followed by System, then About.

Staying safe in the digital world

Microsoft makes it relatively easy to get your system up to date. Once the patch is installed, you should be fine, though we still advise you to exercise caution when downloading or exploring files you aren’t familiar with. With security holes as big as this one, hackers are always on the move.

Related: Major new Windows flaw found in Intel chips

If you want to skip the hassle of always checking for updates, make sure to turn on automatic updates in this same section. Enabling this feature will keep your OS current, and will minimize the chances of you missing a critical update and getting hit with a hack.

But do keep in mind: Just because you’re protected from one security flaw doesn’t mean you’re protected from others. Be skeptical, be cautious and always use your best judgement when exploring the web. Your computer will thank you for it.

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me