Windows 10 Major Security Patch – Released September 2020
Microsoft just recently released a patch for Windows 10 that fixes 129 security vulnerabilities, with 23 listed as critical. It would be a good idea to regularly check for updates by going to the Windows Start button/icon and clicking on the cog-wheel for “Windows Settings”. Then click on the “Update & Security” icon which is at the bottom – last item. This takes you to another screen so then click the box marked “Check for Updates”. It may also say “You’re up to date”, ignore that and click “Check of updates” anyway. It is our recommendation that you update to Windows version 2004 and install this Windows 10 major security patch before the hackers work out how to use this information provided by Microsoft to attack your computer.
Software Programs Involved
The software programs involved as indicated by Microsoft can be found here; Security Guidance and Release Notes.
There are several software programs/suites involved, the major of these being Microsoft Windows, Microsoft Edge (both versions), Internet Explorer, Microsoft Office, Microsoft Exchange Server, SQL Server, Visual Studio and Microsoft OneDrive. There is also other software that you may not recognise but undoubtedly will probably be on your computer.
Additional Information
There is additional information in the following category called CVE’s with 2020 dates and various numbers after them further down the page. For example, “CVE-2020-0914 | Windows State Repository Service Information Disclosure Vulnerability” is a vulnerability with objects in memory. Microsoft has stated that “an attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system”.
Vulnerabilities
Another CVE explains there is an Excel vulnerability, CVE-2020-1332, which could be an attack via email. Yet another is for Word – CVE-2020-1338.
The first link describes the software involved such as Microsoft SharePoint, Windows 10 Version 1803 and Windows 10 version 1809 with Article number and CVE number as well as a column to enable you to download the patch for that particular software. Someone with SharePoint is going to be very busy.
In with these vulnerabilities are 32 classified as “remote code execution issues”. This means that an attacker can remotely attack your computer using specialised software. This software is designed to exploit the vulnerability that this “Security Patch” is designed to stop.
Bleeping Computer Review
One good source of information is Bleeping Computer who have broken it down in an easy to understand format. Bleeping Computer also details in a table which security CVEs are “Critical”, “Important” and lastly “Moderate”. The table indicates only one of them, which is a very user-friendly way to show this information.
Conclusion
These patches are vital for the security of your computer, so updating now would be a good idea.
This blog was provided by Affordable Computer Repairs and Service. We provide quality computer repairs in our workshop located in Coorparoo.