Hacker News say update MS Windows immediately to patch new 0-Day attacks

joomla help support cheshire manchester merseyside north west uk9 November 2021.

The Hacker News report that "Microsoft has released security updates as part of its monthly Patch Tuesday release cycle to address 55 vulnerabilities across Windows etc including fixes for two actively exploited zero-day flaws in Excel and Exchange Server that could be abused to take control of an affected system".

A zero-day attack patch is issued by developers when they discover a flaw which has been exploited without their knowledge. 

Source: The Hacker News.

Read more: Microsoft Issues Patches for Actively Exploited 0-Day Bugs.

 

Update: 25 November 2021

The Hacker News report that hackers "are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability" affecting the Windows Installer component which was originally resolved when Microsoft issued their patch at the beginning of November.

Hacker News comment that this turned out to be "an insufficient patch" and say they have reached out to Microsoft for comment i.e. when will a further patch be issued, but have not yet received a response.

Read more: Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild.

 

Update Microsoft Windows to the latest release

By default the Windows OS should update automatically.

But to be on the safe side, you should still check you are using the latest release.

"To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates." (Hacker News).

 

About The Hacker News

"The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts."

Subscribe to The Hacker News newsletter when you visit the following link.

Read more: About 'The Hacker News' Media.

 

Protect your device, browser & web connection

When thinking about website security, it is easy to overlook the:

  • device (operating system) used to connect to your website,
  • the way you connect (your web browser) to the internet, and
  • how you connect (in the clear or via encryption).

Read more: Protect your device, browser & web connection.

 

Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.