Latest Microsoft Windows Update is Essential To Avoid a Zero-Day Windows Vulnerability

Must Read

Superstitions across different countries – An Overview

Some believe that a superstition is anything that people believe that is based on myth, magic, or irrational thoughts. They are beliefs that are steeped in lore or tradition, and it is usually difficult to pinpoint the exact origin. Here is a brief compilation of Superstitions which are prevalent across different countries.

1.5 Million Engineers Pass Out In India Every Year, Fewer Getting Hired [Trends]

Engineering colleges have been springing up like wild mushrooms in India in the last few years. Their number has...

World’s Most Popular Ad Slogans: A Brief List To Inspire With !

Advertisement plays an important role for companies as well as consumers world wide. It gives a seller an opportunity...

A new update for Microsoft Windows is essential for all the Windows Desktop users.

Microsoft Corporation (NASDAQ:MSFT) released its regular monthly Patch Tuesday updates for this month on the tenth of December 2019. According to the report, Microsoft fixed 36 bugs and vulnerabilities this past month. One fix in particular, however, led Microsoft spokespeople to urge its users to update their software as soon as possible.

The tech giant found a zero-day vulnerability being used by cybercriminals and attackers in conjunction with a Google Chrome vulnerability in order to take control over weak computers, without the user getting to know.

Advertisements

Windows Update: CVE-2019-1458

The vulnerability is dubbed as CVE-2019-1458 and is associated with the Win32k component of Windows systems. Win32k is only available in Windows 7 to Windows 10 OS.

The type of vulnerability Windows OS is facing is often referred to as a “privilege escalating” vulnerability. Privilege escalation essentially requires a system to have a set of prerequisite conditions in order for attackers to gain control of it. Thus, the system must have been previously compromised for hackers to continue their breach. This is often done by infecting the system with a code from a third-party site.

This code is capable of analyzing whether a system has all the requirements for hacking. If yes, the exploit is infiltrated into the system and cybercriminals gain complete remote access to all actions on that system. They can then perform however many tasks on the system without the user finding out.

Similar in Working to WizardOpium

According to a member of Trend Micro’s Zero Day Initiative, the Microsoft bug is linked to the WizardOpium zero-day that was discovered in Google Chrome earlier in November.

This vulnerability improperly exploited a system’s memory, access to which made it possible for the malware to write its own data into the system’s algorithm and manipulate its workings.

Advertisements

This bug was coded as CVE-2019-13720 and was secured by Google in an emergency update.

Patch Tuesday, December 2019

As mentioned above, Microsoft fixed 36 vulnerabilities in its system this month.

Out of these, 7 were rated as critically severe, 27 important, and 1 each moderate and low in severity.

The December Patch Tuesday updates have proven to be the lowest in intensity and quantity this year. For reference, November Patch Tuesday consisted of 74 bug fixes.

Patch Tuesday refers to a Tuesday every month when Microsoft releases all its bug fixes and patches for the month. The updates usually occur on the second Tuesday of a month, and a review of patterns have shown a larger amount of updates in even months as compared to odd months.

The scrutiny Microsoft is under has increased in 2019, owing to several internal and external factors.

One factor is the growing awareness among users about the workings of big-tech and the extensive access they have over people’s data.

Apart from raising concerns about the respective companies’ use of this data, it also raises questions about cybercriminal activity aimed at gaining access to this data.

Many instances in the past few years have proven the seeming vulnerability of big tech to such breaches.

While initiatives like the Patch Tuesday are constructive for building user trust, Microsoft still has a few kinks to smoothen out. The behemoth was criticized by employees earlier this year for listening in on Skype calls for translation research and the number of malicious advertisements in Windows 10 increased according to some experts. More recently, CyberArk discovered a bug in the login system that made hijacking accounts very simple.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

India the 3rd Worst Economically Affected Nation by Internet Shutdowns in 2019: Report

2019 saw an increasing awareness about internet shutdowns in the Indian population due to unprecedented first-hand experience...

Amazon and Flipkart Under The Lens Of Indian Authorities For Competition Squashing Activities!

The ongoing tug of war between Offline and Online retailers in India seems to be far from over. On Monday, the Competition...

Constant Internet Suspensions In India Affecting Online Transactions and Economy Adversely

In the wake of the highly controversial and prejudiced Citizenship Amendment Act and other related legal developments such as the NRC, IT...

The Current Generation Require Technology In Class To Make The Most Of Future Opportunities

Technology is the current drive for everything. It has influenced all aspects of life, including cultures. It affects the way we live,...

Reliance Jio Offers Free Calls Over WiFi: Activate It Now

Following Airtel’s launch of VoWiFi calling in December 2019, Jio has now started rolling out VoWiFi calling, as well.

UPI Scam: A Man Loses Rs. 1.01 Lakhs While Using Paytm and Google Pay

Facebook finds it itself in the middle of its first scam of the new decade and the catalyst seems to be its...

In-Depth: Dprime

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

Facebook Has Pulled Off A Masterstroke By Integrating Its ‘Family Of Apps’?

It’s indeed hard to believe that ONE man sitting at Menlo Park, oversees how nearly a third of the world’s population interacts with each...

Facebook’s Crunch Conquest: By Relying Largely On The US Market, Is Facebook Running a Risk?

Two billion! That's Facebook, Inc. (NASDAQ: FB) for you - Right when you thought that this social-media giant has already connected the entire world, it's...

More Articles Like This