Jakarta – Microsoft has warned Windows 10 users to immediately update the operating system with the latest update patch.
In the Windows 10 ‘Patch Tuesday’ update, Microsoft has rolled out a fix to fix 117 vulnerabilities.
It states that 103 of these loopholes are classified as ‘important’ and another 13 considered ‘critical’, including a fix for the PrintNightmare exploit.
“This number of fixes is a composite of the last two months,” said the Zero Day Initiative (ZDI), a global community that researches loopholes in software. Forbes, Sunday, July 18, 2121.
ZDI also highlights four actively exploited attacks of particular concern such as CVE-2021-34527 (PrintNightmare), CVE-2021-34448 (a vulnerability that reduces memory), to CVE-2021-31979 and CVE-2021-33771 (a vulnerability that attacks privileges).
These four loopholes are the most serious types of hacks Windows users face today.
Reports say there is a new hacking loophole via CVE-2021-34466.
This is an attack on Windows Hello, Microsoft’s popular login system that uses fingerprint and facial recognition.
Microsoft states that about 85 percent of all Windows 10 devices currently use Windows Hello.
The Security Research Team, CyberArk Labs, discovered that any USB device, such as a webcam, can be cloned. This USB device can also emulate other USB devices.
“The operating system could not validate the authenticity of the device,” he said.
However, CyberArk said the update provided by the latest Windows did not completely fix the gap in Windows Hello.
According to him, Windows Hello uses a USB-connected camera to get input in authenticating facial recognition.
Unfortunately, USB devices are not designed to offer a validation mechanism. This means that most USB devices can be faked.
“It makes Windows Hello trust camera input without the ability to verify the authenticity of the data,” said Omer Tsarfati, researcher at CyberArk.
According to him, this problem can only be completely fixed by creating trust between the camera and the OS.
But, it requires camera hardware and software to support it.
Here’s how to update Windows 10:
•Buka Windows Settings > Updates & Security > Windows Update
•Klik “Check for updates”
Restart the device after the update. []
Read too
–
