As the firm itself recommends, these security patches should be installed as soon as possible in order to work with a protected computer. This means that, after a few hours from the launch of all this, it is very possible that our team is already able to install these updates from the application of Setting. In addition, all this is carried out automatically on most occasions in order to make things as easy as possible for us.
This vulnerability affects the boot of the PC
The first thing we should know here is that there are several windows versions which have been patched in the last few hours. In them, a good number of security flaws have been corrected and we show them below:
- Windows 10 21H2: 19 vulnerabilities are fixed, 4 critical and 15 important.
- Windows 10 22H2: also fixes 19 vulnerabilities, 4 critical and 15 important.
- Windows 11 21H2: fixes 20 security flaws, 4 critical and 16 important.
- Windows 11 22H2: 20 security flaws are also fixed, 4 critical and 15 important.
It is important to note that the patches that Microsoft sent us yesterday correct three zero-days vulnerabilities, two of which have already been exploited in attacks and another that has been publicly disclosed. Therefore, this is one more reason why we should update our equipment as soon as possible.
One of these vulnerabilities directly affects system boot, specifically the Secure Boot feature that is exploited by the BlackLotus malware. UEFI. This serves to infect Windows systems even if they are fully patched and protected. Here we are talking about a security feature that blocks untrusted bootcode loaders on computers with UEFI firmware. This prevents rootkits from being loaded during the PC startup process.
Well, this security flaw was used to circumvent the released patches, something that of course the firm already solves. The vulnerability allows an attacker to execute self-signed code at the UEFI level, even when Secure Boot is enabled. It must be said that all Windows systems in which the protections are enabled Secure Boot they are affected.
Other fixes for Windows 10 and 11
Right now, most users work with one of the versions of Windows 10. Well, through the update KB5026361, Microsoft fixes a problem with administrator passwords in the system. This means that the LSASS could become unresponsive, with associated security risks.
In turn, they highlight a new option to configure application group rules and the possibility of synchronizing the language and region settings when these elements are changed on a device.
On the other hand, and regarding the most current version of the software giant’s operating system, Windows 11we got the update KB5026372. Perhaps the main novelty that we are going to find here is that it adds a new option related to updates that we have been talking about for a while. Through the Settings application we will already have the possibility of activating a feature that allows us to obtain Windows updates ahead of time if we wish.
How to install the patches
In most cases, it is enough for us to place ourselves in the functionality of Windows Update so that the OS update itself. In the event that we encounter some kind of problem to update Windows 10 or 11, we also have the possibility of carrying out the process manually. Next, we leave you the links to download these security patches directly from the microsoft catalog.
KB5026361 for Windows 10.
KB5026372 for Windows 11.
