On the latest Patch Tuesday, Microsoft released 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two Windows Zero-day vulnerabilities, several variants of the Meltdown/Spectre memory flaws and .lNK extension problem. This article will introduce the main vulnerabilities you may want to learn and provide some useful tips to help you reduce the risk of vulnerability attacks.
How do Windows 0-day, Meltdown/Spectre, and .lNK extension vulnerabilities work?
The two Zero-day vulnerabilities both allow attackers to take control of the affected system then install programs even malware; view, change, or delete data; or create new accounts remotely. One exists in the way that the scripting engine handles objects in memory in Internet Explorer. The other exists when the Windows Shell does not properly validate file paths.
Meltdown/Spectre memory flaws and its variants are the serious chip-level security bugs that a hacker could access the entire memory of a vulnerable computer running Windows. Passwords, log-ins, files cached by applications and other important sensitive data could be read by a hacker.
.lNK extension vulnerability could give attackers the administrative user rights on the target system to present to the user a removable drive, or remote share, that contains a malicious file with .LNK extension. The attacker could use the malicious file to execute code of its choice.
How to prevent from being attacked by hackers due to system vulnerabilities like those?
It could be an option to turn on Windows Updates to get the patches immediately once they’re available. But some other updates in Windows 10 might cause stability issues for some users. So there’re third-party programs that specifically provide vulnerability fixing service to help users to update security patches in real-time. Advanced SystemCare 11 can scan Windows vulnerabilities and download hot-patches directly from Microsoft server. This module is designed to help Windows users to fix critical security bugs in real time and prevent hacking.
Advanced SystemCare 11: Simply select "Vulnerability Fix" to get any important Windows security updates in the future and reduce the risk of being attacked by hackers