Skip to Content
© Fotogigi85 | Dreamstime.com
Security & privacy

Windows 10: Latest security patch fixes a zero-day vulnerability

Microsoft and other tech companies regularly release updates and security patches for their software. This not only ensures that you get the latest features but also keeps your devices protected.

Vulnerabilities in software can be exploited by hackers, leading to personal information being stolen. In severe cases, your device and all its files can be held for ransom. Tap or click here for the secret behind ransomware attacks that hackers don’t want you to know.

Your first line of defense against cyberattacks, whether it’s malware or intrusions, is by having reputable antivirus software. Windows 10 comes pre-installed with Microsoft Defender and aims to root out any suspicious activity on your system. But a new zero-day flaw has been found, putting your system in jeopardy.

Zero-Day vulnerabilities

Microsoft Defender protects you from known threats if you don’t have a paid subscription to antivirus software. But when a zero-day vulnerability is discovered, it raises severe alarm bells.

That’s why Microsoft just released a security patch, to fix a zero-day flaw. Microsoft has started to push the update to users, as it hurries to fix the identified CVE-2021-1647 threat.

RELATED: Make 2021 the year you protect your family and your home

Hackers have already exploited the remote code execution (RCE) bug that was detected within the Microsoft Defender software. The bug helps cybercriminals trick users into opening a file that contains malicious code. That code can be anything from malware to ransomware.

Loss of security confidentiality

Detailed in the patch documentation, Microsoft highlights that no further action is necessary after the update has been installed. The security patch for this and 82 other issues are all contained within the Microsoft Malware Protection Engine.

“The default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically,” patch notes state.

RELATED: Got new tech? Lock it down now before it’s too late

Analyses for the bug revealed that while the attack complexity and privileges are low, the confidentiality has been marked as high. Microsoft notes, “There is a total loss of confidentiality, resulting in all resources within the impacted component being divulged to the attacker.”

How to update Windows

Keeping your system update to date with the latest software releases are critically important. Here is how you can check for updates and download the latest patches:

  • Click the Start icon in the bottom left-hand corner of the Task Bar
  • Click Settings
  • In the next window, click Update & Security
  • The first window should be the default Windows Update page
  • Click Check for Updates
  • If an update is available, click Download and install now

For added peace of mind, set Microsoft Defender to periodically check for threats.

  • Click the Start icon in the bottom left-hand corner of the Task Bar
  • Tap Settings
  • In the next window, tap Update & Security
  • Tap Windows Security
  • Tap Virus & threat protection
  • After the new window pops up, select Microsoft Defender Antivirus options
  • Select the box to have Defender scan periodically for threats

Also, make sure that any other antivirus software that you use is updated regularly. It’s one of the best ways to stay ahead of criminals. Tap or click here for the best antivirus options for PC or Mac.

Stop robocalls for good with Kim’s eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook