Microsoft Releases Emergency Windows 10 Patch

Windows gets an out-of-ban update to deal with a new worm

Why This Matters:

Windows is still the most popular OS on the planet and any vulnerability, whether or not it’s exploited, is a potential risk. The good news is that, as long as you install this surprise update, your Windows will be fine.

The Windows 10 Desktop
The Windows 10 (Anniversary Update) desktop.

Microsoft issued a surprise Windows update just days after accidentally leaking a Windows client and server vulnerability.

What happened? The key to staying ahead of hackers is working with security firms that identify vulnerabilities and patching them before the bad guys notice. In this case, word of the Windows remote code execution vulnerability was leaked by Microsoft before it could patch it. So, it rushed out a patch.

How does the worm work? According to Microsoft, the vulnerability exists in how its Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. The vulnerability applies to Windows 10 and Windows Server.

Am I at risk? Even without the patch, probably not. Microsoft has not observed the worm in the wild and to advance such an attack, the hacker would need access to a Windows server and to get you to connect to that server.

What do I do? If your Windows installation is set to auto-update, there's nothing for you to do. The patch is probably already there. If not, just run the Windows Update routine and let the system do its work.

Bottom line: If you follow Microsoft Windows best practices and let Windows Defender run, you are largely protected from most direct-attack vulnerabilities. That said, you still need to be vigilant about social engineering attacks that encourage you to follow links in, say, email. It’s the kind of attack that hackers running this new worm would likely use.

Become an Expert in Windows