close
close

topicnews · September 11, 2024

Attackers can delete newly installed patches

Attackers can delete newly installed patches

Microsoft has issued a warning about a new, actively exploited security vulnerability in Windows Update. Attackers can use this to roll back updates that have already been sold and thus regain access to vulnerabilities that have already been closed.

Windows 10 affected

Microsoft classifies the vulnerability as critical and gives it a severity rating of 9.8 out of 10. The gap affects the so-called “servicing stack” of Windows 10, version 1507 (also known as Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB). Specifically, systems that have installed the security update dated March 12, 2024 (KB5035858) or other updates up to August 2024 are affected. All later versions of Windows 10 are not affected by this vulnerability.

Microsoft recommends that users of affected systems install the Servicing Stack Update (SSU KB5043936) and the September 2024 Security Update (KB5043083) in exactly that order to fix the vulnerability. No further details on how existing exploits and ongoing attacks work have been released.

The Windows Update vulnerability is just one of four zero-day vulnerabilities currently reported by Microsoft as being actively exploited. So far in 2024, Microsoft has confirmed a total of 21 zero-day attacks that exploit vulnerabilities in the Windows ecosystem.

Current update series

As part of the current Patch Tuesday, the company released updates for around 80 security vulnerabilities in a variety of products and operating system components, including Microsoft Office productivity software, Azure, SQL Server, Windows Admin Center, Remote Desktop Licensing, and the Microsoft Streaming Service. Seven of these vulnerabilities were rated critical, Microsoft’s highest severity rating.

The new security vulnerabilities underscore the ongoing threat situation and the need to install security updates promptly. Microsoft and Adobe therefore advise all users and administrators to install the latest patches immediately in order to ward off possible attacks.

Summary

  • Microsoft warns of critical Windows Update vulnerability
  • Gap allows resetting already installed updates
  • Affects Windows 10, version 1507 through the security update of March 12, 2024
  • Vulnerability severity: 9.8 out of 10
  • Installation of SSU KB5043936 and KB5043083 recommended
  • Part of a series of four actively exploited zero-day vulnerabilities
  • Patchday: Updates for 80 security vulnerabilities released

See also:

You may also like...