The constant updates and patches that you send us to Microsoft for the windows system They are essential in most cases. Yesterday was Patch Tuesday for September 2022, we tell you why you should update the operating system as soon as possible.
These software elements microsoft It is responsible for sending us monthly, as a general rule they focus on correcting the latest vulnerabilities detected. Hence precisely the importance they have in order to work with a protected team. In addition, it must be taken into account that the company send patches for different versions of the operating system and for other proprietary products.
An example of this is the case in which we find ourselves right now, security patches available for all supported versions of Windows.
- Windows 7: Here are patches for PCs with extended support where a total of 32 vulnerabilities are corrected, 3 of them critical.
- Windows 8.1: in this version of the system, up to 33 vulnerabilities have been patched, 3 of them critical and the rest considered important.
- Windows 10: In the versions that are still supported, have fixed 40 vulnerabilities3 of the same, critical.
- Windows 11: In this case, Microsoft sends these security patches to eliminate a total of 42 vulnerabilities, 3 critical.
To all this we must add the versions of windows-server that also receive support and that have also been patched to be more secure.
A Windows zero-day vulnerability has already been exploited
So that we can get a rough idea of the importance of updating all this as soon as possible, we must take into account that the firm now corrects 63 security flaws. At the same time it is important to know that 5 of the 63 are considered critical. These allow remote code execution, one of the types of most serious vulnerabilities. This is how the most recent ones are divided.
- 18 elevation of privilege vulnerabilities.
- A security flaw for the evasion of security features.
- 30 bugs related to remote code execution.
- 7 vulnerabilities that focus on revealing Windows information.
- 7 security flaws used to denial of service attacks.
To all that has been said, we add that these patches correct two zero-day vulnerabilities. But at the same time it is important to know that one of them has already been actively exploited and is being used in attacks right now. It must be said that Microsoft classifies a vulnerability as of this type if it is publicly disclosed or actively exploited without an official solution being available.
The one we are commenting on now has just been patched and is known as CVE-2022-37969. It must be said that an attacker who uses it successfully could gain permission to control the system, warns Microsoft. Therefore, we could say that this is one of the many reasons why we must update and patch our Windows computer as soon as possible.
How to update right now
We must bear in mind that these patches that we have mentioned for the different versions of Windows should already be available for download. As a general rule, this is something that we can carry out through the Windows Update function included in the system. Of course, we must also bear in mind that this may take a few hours or even days in some cases. But in the event that we see that the new patches for the month of September 2022 do not arrive automatically, we can always download them by hand.
