New Windows Updates Target Active Security Issues

44 total vulnerabilities have been addressed

Microsoft on Tuesday released a series of security updates for Windows designed to address 44 security issues that have been actively exploited.

The update release looks to squash 37 important bugs, as well as seven critical issues seen in Windows, .NET Core & Visual Studio, Azure, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Remote Desktop, Microsoft Windows Codecs Library, and more.

Windows laptop installs update

Clint Patterson / Unsplash

The Hacker News also reports that Microsoft released an update for Microsoft Edge, which addressed seven additional security flaws found in the browser in early August.

One of the biggest flaws addressed with the update, CVE-2021-36948 is an elevated privilege flaw that directly affects Microsoft’s Windows Update Medic Service, which helps to protect and remediate Windows Update components.

With the flaw, the service could be used maliciously to run programs that could give bad actors elevated permissions and access to the infected system.

Microsoft hasn’t revealed too many details about how these issues have been exploited, however the company recommends that users download the latest security fixes as soon as they are available on their system.

"...the company recommends that users download the latest security fixes as soon as they are available on their system."

Additional flaws addressed in the update include CVE-2021-36942 and CVE-2021-36936. Both of these issues hold a higher score in the Common Vulnerability Scoring System (CVSS), which means they hold significant risks for users.

Microsoft says installing the newest patches will help ensure your system isn’t affected by any of the security risks addressed in this update. You can learn how to install Windows updates if you aren't already familiar with the process.

Was this page helpful?