Computer security is a never-ending battle, but this week Microsoft is giving its users some extra ammunition. The latest Patch Tuesday update, rolling out now to both Windows 10 and 11, addresses a zero-day vulnerability that’s being actively exploited in the wild. Your machine might have been updated already — if not, apply the December 13th patch via Windows Update ASAP (Start > Settings > Update & Security > Windows Update).
According to Bleeping Computer, the zero-day vulnerability allowed attacks via JavaScript files that could bypass Windows’ standard security alerts for downloading executable files. This in turn would let an attack evade Microsoft Office’s Protected View system. The attack would rely on basic phishing techniques, requiring the user to open a specific file or access an infected website, after which the Magniber ransomware can be installed and encrypt user files remotely.
Various security researchers have observed this vector being used to install malware on the web via the Javascript vulnerability, so this is an active threat. Campaigns have been specifically targeting email data for banking and other financial institutions to be used in follow-up attacks. The issue addressed is labeled “CVE-2022-44698” in Microsoft’s bug tracking system. CVE-2022-44710, another zero-day issue which isn’t known to be a threat in the wild, was also patched.
Author: Michael Crider, Staff Writer, PCWorld
Michael is a 10-year veteran of technology journalism, covering everything from Apple to ZTE. On PCWorld he's the resident keyboard nut, always using a new one for a review and building a new mechanical board or expanding his desktop "battlestation" in his off hours. Michael's previous bylines include Android Police, Digital Trends, Wired, Lifehacker, and How-To Geek, and he's covered events like CES and Mobile World Congress live. Michael lives in Pennsylvania where he's always looking forward to his next kayaking trip.