If you have been postponing the installation of this month’s Patch Tuesday you may want to think again, as Microsoft reveals the serious flaws the software update fixes.
One of the fixes is for a “critical”-rated remote code execution vulnerability in how Windows Search handles objects in memory, allowing a full takeover of an affected computer, which would allow an attacker to install programs; view, change or delete data; or create new accounts with full user right and otherwise take full control of your PC.
Like the WannaCry ransomware, the attack could be launched over an enterprise network through an SMB connection, meaning it could spread like wildfire if unpatched.
“This is by far the most critical bug for this month,” says Dustin Childs at the Zero Day Initiative, which reports CVE-2017-8620 is “under active attack.” A previous Search flaw also allowed a malicious SMB request to execute code on target machines.
The exploit is possible on all Windows 7, Windows 10 and even Windows Server installations.
A second flaw in the legacy JET database engine could also allow an attacker to take full control of a computer but would need some action by a user, by opening a file from a malicious email.
Patch Tuesday fixed 48 other vulnerabilities. Fifteen affect Windows, 25 were rated as critical, 21 as important, and 27 could result in remote code execution if exploited. The patches address problems in Windows, Internet Explorer, Microsoft Edge, SharePoint, SQL Server, Hyper-V, the subsystem for Linux, and Kernel.
Microsoft urges Windows users to keep their PCs up to date as the best measure of the increasing number of security threats currently being launched around the world.