Yesterday was the second Tuesday of the month, and as usual, Microsoft has released new security patches to correct all kinds of bugs and vulnerabilities in Windows, Office and other programs. Although we should always install these updates to be safe, this month we want to pay special attention to these patches, because one of them is exposing our PC to the most dangerous type of malware we can find: the ransomware.
The new security updates are now available for all Windows users. If our computer does not have strange configurations, it is normal for Windows Update to download and install the updates automatically, without us having to do anything special. And, once installed, it will simply ask us to restart the PC, when we can, to complete the installation.
The versions of Windows that have received these patches are:
- Windows 10 – 20H2, 21H2 and 22H2. –> 56 vulnerabilities, 5 critical and 51 important.
- Windows 11 – 21H2 and 22H2. –> 59 vulnerabilities, 5 critical and 54 important.
If we want to make sure that our PC is up to date, what we can do is go to Windows Update, search for updates by hand, and install the new patches on our computer.
Summary of Windows security patches
In total, the new security patches for Windows 10 and Windows 11 (remember, the other versions of the operating system are no longer supported) this month have fixed 97 security flaws. Of all of them, 7 have been considered critical for allowing “remote code execution”, the most dangerous of all. In total, the updates are divided as follows:
- 20 vulnerabilities of the type “Elevation of Privilege”.
- 8 security flaws that allow you to evade system security measures.
- 45 security issues that lead to remote code execution.
- 10 vulnerabilities that reveal user information.
- 9 denial of service failures.
- 6 security problems of the type “Spoofing”.
In addition to these problems solved in these patches, we must also highlight the 17 bugs that have been corrected, on April 6, in the Microsoft Edge browser. A complete month, broadly speaking, for Microsoft.
Your PC is exposed to ransomware
Of all the previous failures, we want to pay special attention to one of them: CVE-2023-28252. This security flaw was discovered by Kaspersky last February as a result of an investigation after seeing an increase in the number of attempts to exploit this, and other similar flaws, in various servers of small and medium-sized companies.
The security flaw was being used by a group of cybercriminals to distribute a new version of one of the most dangerous ransomware: Nokoyawa. This ransomware has been active since February 2022, and mixes code from three other dangerous threats: JSWorm, Karma and Nemty.
Hackers take advantage of other security flaws in Windows to ultimately manage to upload the ransomware, remotely, thanks to the CVE-2023-28252 vulnerability. Like any other ransomware, when it runs on the PC, it automatically encrypts all our personal files, deletes the original ones, and prompts us to pay the ransom, or we will lose our data forever.
The best way to protect ourselves from it is the same as always: keep Windows updated, so that this security flaw cannot be exploited. And, in addition, always have a backup copy of our most important files, so that it can happen.
