Now that Microsoft has ended support for Windows 7, many people have made the decision to move onto Microsoft’s latest operating system, Windows 10. However, Windows users are not fully in the clear just yet – The US National Security Agency (NSA) has recently discovered a critical bug in the operating system, to which Microsoft has since released a patch to fix.
What Exactly is this Bug?
The vulnerability, known as CVE-2020-0601, essentially allows attackers to use false security credentials to install malware under the pretense of it being legit software. The vulnerability can be found in Windows CryptoAPI (Crypt32.dll), and experts state that the vulnerability could be exploited on a greater level, even going as far as to affect entire networks.
What You Can Do To Fix It
While the NSA states that “sophisticated cyber actors will understand the underlying flaw very quickly”, attackers are likely to target larger networks while they have the chance, rather than random individuals. With that being said, neither the NSA nor Microsoft are giving many details surrounding the vulnerability – they are simply insisting that anyone running Windows 10, Windows Server 2016 or Windows Server 2019, should immediately download the patch.
Installing the Updates
Recently, a number of users report that despite several attempts, the update fails to go through. For such a serious bug, this isn’t the best news. In any case, there are a couple ways you can try to get around this.
A good place to start is by clicking the Start button and navigating to Settings > Update & Security > Windows Update.This is the classic way of installing the update, but it’s also where most users have reported issues.
If you’re running into problems installing it through your Start menu, Microsoft recommends doing the update manually, which you can do by going to the Microsoft Update Catalog website, entering “KB4528760” in the search bar, and then clicking ‘Download’ next to the version that’s suitable for your PC
Regardless of whether you’re using Windows 10 or not, this is a good opportunity to catch up on any updates your computer needs. Companies are constantly releasing updates, not just to annoy you, but instead to patch up any flaws or errors that appear in their software.
If you need to brush up on your internet safety knowledge, here’s a brief article on why updates are so important for being safe on the web.
59 comments