Microsoft last week patched almost 100 security vulnerabilities in several versions of Windows operating systems, including a zero-day vulnerability in Internet Explorer that was actively being exploited.
This should be an example as to why enterprises should quickly install new updates as they become available and only use the latest versions of operating systems.
Cybersecurity journalist Brian Krebs reported last week that a dozen of the vulnerabilities Microsoft patched were rated as “critical,” meaning bad actors could exploit those gaps and gain complete control of systems.
According to Krebs, one of the fixes was a flaw in the way Windows handles shortcut files, affecting Windows 8, Windows 10, Windows Server 2008-2012.
Allan Liska, intelligence analyst at Recorded Future, says Microsoft considers exploitation of the vulnerability unlikely, but that a similar vulnerability discovered last year, CVE-2019-1280, was being actively exploited by the Astaroth trojan as recently as September.
Another flaw fixed with the patch was in Exchange 2010 to 2019 that could have allowed hackers to execute arbitrary code be sending a specially crafted email.
Other security fixes were for Microsoft SQL Server versions 2012 to 2016, and several Adobe products like Flash Player, Experience manager, Digital Editions, FrameMaker and Acrobat/Reader.
If you’re still using Windows 7 and aren’t paying for extended updates, you’re particularly vulnerable. Consider upgrading, buying a new computer with Windows 10 already installed or switching operating systems all together and going to MacOS, Chrome or Linux.
More from Krebs on the importance of updating:
Keep in mind that while staying up-to-date on Windows patches is a must, it’s important to make sure you’re updating only after you’ve backed up your important data and files. A reliable backup means you’re not losing your mind when the odd buggy patch causes problems booting the system.
So do yourself a favor and backup your files before installing any patches. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.