This Windows 10 update news is not just good news. It is a reason why you should update your PC right now. Without this update, someone or something could attack your computer with a Blue Screen of Death (BSoD) just by trying to open a folder that doesn't exist.
The news comes from Bleeping Computer, which says that the February 2021 Patch Tuesday download, released on February 9, includes a fix for a bug that Microsoft is tracking under the tag CVE-2021-24098.
We reported on this bug and tested the exploit when it was first discovered less than a month ago. And it was legitimate. We do not know if it is being actively exploited "in the wild", but now that it has been publicized, it will be quicker to wait and find out.
The flaw, dubbed the "Windows Console Driver Denial of Service Vulnerability" by Microsoft, has only one advantage.
According to Microsoft's documentation, in a "web-based attack scenario," all you need is a way to get someone to open a web page, since a website could be used to deliver a file path that exploits the flaw.Unfortunately, as anyone who has been the victim of a phishing attack has experienced, getting the average user to open a link is not difficult.
Sometimes the link is a breathtakingly worded email or text from the bank that forces them to modify something in their account, while other times it is something less over-the-top, such as a message promoting information about the Covid-19 vaccine or a third stimulus check.
Or they may be embedded in web pages that seem harmless. Simply clicking on a malicious link may crash your PC.
The February 2021 Patch Tuesday update will be available to users through one of the 20 updates listed at the bottom of the CVE-2021-24098 page.
To update your machine, follow these simple steps. [This flaw is exploited by users attempting to open the following directories.
This is a local directory and the user does not even need to download the file to crash the system. Yes, the web browser can not only navigate the Internet, but also browse system files.
The flaw in the way Windows 10 performs error checking drives users directly to a system crash.
The flaw was discovered by researcher Jonas Lykkegaard, who explained it all on his Twitter feed. At the time, Microsoft told Bleeping Computer that it had a "customer commitment to investigate reported security issues and will provide updates to affected devices as soon as possible."
And now that we've explained how it works and why you need to run Windows Update ASAP, we're going to go make sure our own systems are updated.
Comments