Update Your Windows Pc Now To Patch 2 Zero Days 119 Other Flaws

One of the most significant changes with Windows 11 is the new Apple-like interface. The taskbar was also overhauled to make it easier to find your most-used apps. More changes coming to the new OS include automatic framing, background blur and background noise suppression. Tap or click here for details. There’s a trend for tech companies to gather updates and release them on the second Tuesday of every month. This is known as Patch Tuesday. Microsoft released an update this week to patch some critical flaws. Read on for more details and how to get the update.

The latest updates

Microsoft’s Patch Tuesday for April 2022 addresses more than 100 flaws and two-zero day vulnerabilities. A number of these were labeled as critical. The number of fixes is higher than in March, which included 71 vulnerability fixes. The bugs fell under various categories, including Remote Code Execution, Elevation of Privilege, Security Feature Bypass, Denial of Service, Spoofing and Information Disclosure. Among the products and services affected by the bugs were Skype for Business, Visual Studio, Windows App Store, Windows Defender, Microsoft Office Excel, Windows File Explorer, Windows Media, Windows Upgrade Assistant, Microsoft Edge (Chromium-based) and more.

Zero-day fixes

Microsoft describes a zero-day vulnerability as “a flaw in software for which no official patch or security update has been released.” Two of these flaws were fixed with the latest update:

CVE-2022-24521 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. According to its Exploitability Index, Microsoft is aware of this vulnerability being exploited. Treat this as the highest priority. CVE-2022-26904 – Windows User Profile Service Elevation of Privilege Vulnerability. This vulnerability has not been used in any attacks, though Microsoft is aware that past instances of this type of vulnerability were exploited. Treat this one as a high priority.

Critical fixes

Among the fixes that fell under the critical category were:

CVE-2022-24541 – Windows Server Service Remote Code Execution Vulnerability. This vulnerability has not been used in any attacks. Microsoft notes that while exploit code could be created, it would be difficult for the attacker. The priority here is on the lower side.CVE-2022-24491 – Windows Network File System Remote Code Execution Vulnerability. This vulnerability has not been used in any attacks, though Microsoft is aware that past instances of this type of vulnerability were exploited. Treat this one as a high priority.