Microsoft just released a major security update for Windows 10, to be installed immediately on the PC. The update, in fact, resolves two critical vulnerabilities discovered by Trend Micro researchers that allowed hackers to remotely take control of the PC and arbitrary code execution. What does it mean? In practice, the hacker can use the computer at will, by starting malicious programs or by stealing users' personal data.
The Redmond company has assured that hackers have hardly used these two vulnerabilities to attack users' PCs, but the likelihood of this happening was very high. Also because it didn't take much to infect a computer: the user only had to open a simple image received by message, which however opened the doors of the computer to the hacker. The two vulnerabilities have been categorized with i codes CVE-2020-1425 and CVE-2020-1457 and were promptly fixed by Microsoft engineers. To protect your PC from these two bugs you need to install the security patch released by Microsoft and available on Windows Update.
Windows 10, an image is enough to hack the PC
Le two security holes discovered by Trend Micro researchers they are so serious that they convinced Microsoft to release an ad hoc update and not wait for the one scheduled for mid-July. What are the two security holes that have targeted Windows 10? Due to some problems with the Windows codec library, hackers could take control of a computer by sending one simple infected image on the user's PC.
If the victim accidentally opened the photo, the hacker could remotely control the PC and execute arbitrary code. In simpler words, he could use the computer as he pleased, stealing the user's personal data or exploiting the PC for illegal practices.
Which operating systems are affected by the vulnerability
Le two vulnerabilities affect all versions of Windows 10 and Windows Server released in recent years. Here is the full list:
- Windows 10 version 1709;
- Windows 10 version 1803;
- Windows 10 version 1809;
- Windows 10 version 1903;
- Windows 10 version 1909;
- Windows 10 version 2004;
- Windows Server 2019
- Windows Server version 1803;
- Windows Server version 1903;
- Windows Server version 1909;
- Windows Server version 2004.
There are also versions that are vulnerable to security vulnerabilities Windows 10 May Update, the latest core update released just over a month ago.
How to download the update
Microsoft has released the security update with the patch that fixes the two vulnerabilities within Windows Update. Just log into the tool and download the latest update available. You need to do this as soon as possible so that no hacker uses these two flaws to take control of your PC.
Windows 10, just an image to hack the PC: what happens