Microsoft Warns of 79 Security Flaws, Patches Windows After 4 Bugs Exploited



Microsoft released security updates for a range of different software and systems on Tuesday, patching 79 different exploits. Four of the bugs have been actively exploited in the wild, according to the tech giant, but patches addressing all of the issues are now available.Eight of the bugs relate to SharePoint, Excel, and Visio. Dozens of the patched bugs could impact Windows 10 and Windows 11 users, and one of the bugs is tied to Microsoft Outlook’s iOS app.The four actively exploited flaws affect versions of Windows 10, though a few also impact Windows 11 users. One is a remote code execution vulnerability where a Windows 10 update rollback enables an attacker to exploit previously patched bugs. The second exploited flaw is an issue with Windows Installer that could allow an attacker to gain system privileges on Windows 10, Windows 11, or older Windows servers. Another exploited flaw, CVE-2024-38217, is a security bypass vulnerability or “Mark of the Web” flaw that could get users to download malicious files, impacting some Windows 10 and 11 versions. It’s reportedly been an ongoing issue, and was exploited as early as six years ago.The final vulnerability Microsoft believes has been exploited is a vulnerability that could allow an attacker to bypass Microsoft Office security features, meaning some versions of Office wouldn’t block malicious files.

Recommended by Our Editors

Thankfully, most of the bugs weren’t exploited before the patches were released, according to Microsoft’s data. To update your Windows PC on Windows 11, navigate to your Search bar and type “updates.” From the pop-up menu, select “check for updates.” That will bring up the Windows Update menu. You’ll be able to see the last time your computer was updated, start or schedule updates, or examine more advanced settings. There’s also an option to join the Windows Insider Program if you want early access to upcoming software versions like the anticipated 24H2 update, or experimental features like Microsoft Recall.

Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

About Kate Irwin

Reporter

I’m a reporter covering early morning news. Prior to joining PCMag in 2024, I was a reporter and producer at Decrypt and launched its gaming vertical, GG. I have previous bylines with Input, Game Rant, and Dot Esports. I’ve been a PC gamer since The Sims (yes, the original). In 2020, I finally built my first PC with a 3090 graphics card, but also regularly use Mac and iOS devices as well. As a reporter, I’m passionate about uncovering scoops and documenting the wide world of tech and how it affects our daily lives.

Read Kate’s full bio

Read the latest from Kate Irwin

We will be happy to hear your thoughts

Leave a reply

Gadgetsbestdeals
Logo
Compare items
  • Total (0)
Compare
0
Shopping cart