Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Windows Microsoft Security

Windows Update Zero-Day Being Exploited To Undo Security Fixes (securityweek.com) 35

wiredmikey shares a report from SecurityWeek: Microsoft on Tuesday raised an alarm for in-the-wild exploitation of a critical flaw in Windows Update, warning that attackers are rolling back security fixes on certain versions of its flagship operating system. The Windows flaw, tagged as CVE-2024-43491 and marked as actively exploited, is rated critical and carries a CVSS severity score of 9.8/10. Redmond's documentation of the bug suggests a downgrade-type attack similar to the 'Windows Downdate' issue discussed at this year's Black Hat conference. Microsoft's bulletin reads: "Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024 -- KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability."

To protect against this exploit, Microsoft says Windows users should install this month's Servicing stack update (SSU KB5043936) and the September 2024 Windows security update (KB5043083), in that order.
This discussion has been archived. No new comments can be posted.

Windows Update Zero-Day Being Exploited To Undo Security Fixes

Comments Filter:
  • by GotNoRice ( 7207988 ) on Tuesday September 10, 2024 @07:22PM (#64778405)
    This only applies if you are running the original release version of Windows 10 (Why would you be running Windows 10 and NOT upgrade to 22H2? or at least LTSC 21H2?), or a very old IoT version that is only used in kiosks (old kiosks in this case).
  • My inactive laptop sitting over there as an emergency backup started ramping up it's fan again today. I guess I should check to see if it crashed while updating...
  • At least some things in this world are reliable.

  • by Torodung ( 31985 ) on Wednesday September 11, 2024 @09:46AM (#64779761) Journal

    ZOMG! Zero-day exploit, in the first release of Windows 10.

    Who on earth is still on that version of 10?

    • ZOMG! Zero-day exploit, in the first release of Windows 10.

      Who on earth is still on that version of 10?

      You never know. You may have an ID ten tee user error going on. You might have some honeypot machines looking to see whom they can trap, or maybe a testing lab that does regression testing. There are several reasons... some legitimate, some not. I've worked with systems in the past that had to use the original installation with no updates... as idiotic as I thought it was. It was some kind of "business decision" and like it or not, I did not have the authority to update the machines.

Everybody needs a little love sometime; stop hacking and fall in love!

Working...