Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.
June’s Patch Tuesday addresses just 49 security holes — about half the normal number of vulnerabilities lately. But what this month lacks in volume it makes up for in urgency: Microsoft warns that bad guys are leveraging a half-dozen of those weaknesses to break into computers in targeted attacks.
Among the zero-days are:
–CVE-2021-33742 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33742), a remote code execution bug in a Windows HTML component.
–CVE-2021-31955 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31955), an information disclosure bug in the Windows Kernel
–CVE-2021-31956 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31956), an elevation of privilege flaw in Windows NTFS
–CVE-2021-33739 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33739), an elevation of privilege flaw in the Microsoft Desktop Window Manager
–CVE-2021-31201 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31201), an elevation of privilege flaw in the Microsoft Enhanced Cryptographic Provider
–CVE-2021-31199 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31199), an elevation of privilege flaw in the Microsoft Enhanced Cryptographic Provider
Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users. CVE-2021-31959 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31959) affects everything from Windows 7 through Windows 10 and Server versions 2008, 2012, 2016 and 2019.
Sharepoint also got a critical update in CVE-2021-31963 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31963); Microsoft says this one is less likely to be exploited, but then critical Sharepoint flaws are a favorite target of ransomware criminals.
How to manually check for Updates in Windows 10
Open Start Menu and click on Settings > Update & Security settings
Here, press on the Check for updates button.
If any updates are available, they will be offered to you.
If Windows Update says that your PC is up to date, it means that you have all the updates that are currently available for your system.
If you are looking for details on the latest updates, click on the Details link. More details about the updates will then be shown to you.
If you need more information about the updates, click on the Learn more link. Every update comes with a KB number. Here for example you can see update KB3103688 being offered. You could search on your favorite search engine using this KB number. Relevant results about the update are sure to be offered.
You can make your Windows 10 receive updates for other Microsoft products and software, like Office, when you update Windows.