Time for another Patch Tuesday! This week’s Patch Tuesday was the second biggest ever (the biggest was last month, June 2020), with 123 fixes released.
What is Patch Tuesday?
On the second Tuesday of each month (dubbed “Patch Tuesday”, Microsoft rolls out its latest set of security patches for its operating systems and software.
Applying patches to fix vulnerabilities is a key component of best cybersecurity practices; leaving gaping holes in your security is an open invitation for criminal attacks. By default, Windows 10 handles patches automatically; however, the inconvenience of having to stop and wait for updates to be completed usually prompts users to put off the task—and put it off, and put it off. This is the wrong time to procrastinate, though; every hour your systems are left unpatched is another hour criminals can spend working to infiltrate your network.
The Second Biggest Patch Tuesday Ever
The patch update includes:
- 123 patches overall
- 18 Critical vulnerabilities
- 105 Important vulnerabilities
- A wormable Critical DNS weakness with a severity score of 10 that enables attackers to remotely execute code on your Windows server
The full list of vulnerabilities and fixes can be found here.
Why It’s Important to Patch Quickly
To understand why patching is essential, let’s first look at what sort of problems patches solve:
- Vulnerability: In terms of software, a vulnerability is a weakness in the code or structure of the program that allows the code to be overwritten or modified from its original purpose.
- Exploit: This is a bit of code that helps criminals leverage a vulnerability to gain access to a system or network.
- Zero-day: A combination of an exploit and a vulnerability in a way that is new or against which there are no known defenses or protections. No patch has been created for the weakness, and security systems like firewall or antivirus aren’t able to recognize it as malicious.
The other factor is that Patch Tuesday is followed every month by Hack Wednesday. Sometimes the patch update list includes vulnerabilities that were previously unknown to hackers, prompting a race to create exploits and wreak as much havoc as possible before users install the patches.
How to Install Patches
If you’re on Windows 10, go to Start > Settings > Update & Security > Windows Update. This is where you can check for new updates and make sure your settings aren’t blocking the automatic update process.
For companies with tens or hundreds of devices, keeping up to date on new vulnerabilities and exploits can be a pain. We’re constantly monitoring the net and news to make sure your team stays informed. Follow us on Facebook or Twitter for regular vulnerability updates and cybersecurity news. To see more of our team, follow us on Instagram. To get an elite cybersecurity partner, call us today at 877-284-7789.