Time to update your PC after reports of exploited vulnerability in Windows

We’ve seen multiple security flaws in Windows in the past couple of months. It's important to mention that Windows has always had its fair share of vulnerabilities, and the latest version has proven not to be an exception.

On May 10, Microsoft released a patch update with additional 74 different vulnerabilities. That is a large number, but not all of them are significant threats. However, there's evidence that cybercriminals have exploited one of those vulnerabilities repeatedly.

It’s essential to keep track of potential threats so that you can know how to protect your device and all your personal information.

The biggest threat revealed

This update has highlighted the CVE-2022026925 vulnerability as one of the most dangerous vulnerabilities in the Windows Local Security Authority. Even though its score on the CVSS scale is 8.1, this is still a big liability because Microsoft experts say this vulnerability becomes much stronger when combined with NTLM Relay attacks.

In this scenario, the score climbs to 9.8 because the CVE-2022-26925 allows attackers to use domain controllers for authentication. This liability affects all Windows OS versions from Windows 7 and all the later versions to make matters worse.

There were no specifics announced about how this vulnerability can be exploited but based on the report – it’s clear that attackers have used this weakness. With the new fix, the system can detect anonymous connections coming from the Local Security Authority Remote Protocol and deny them.

CISA removed the threat from its patch log

CISA has removed this bug from its log that details all vulnerabilities exploited by hackers in a somewhat controversial event. The US Cybersecurity and Infrastructure Security Agency stated that they would temporarily remove the fix for the issue.

Microsoft notified the agency about this issue, and soon enough, it was added to their list of bugs. The controversy surrounding removing the issue is mainly because there is still no concrete proof that this problem will no longer exist.

Even though Microsoft has released an update with fixes, there’s still no 100% certainty that this bug won’t be exploited in the future by attackers. At the same time, federal agencies have been given three weeks to deal with the issue by CISA.

Microsoft has patched the issue

Microsoft has released different fixes for the CVE-2022-26925 problem on Patch Tuesday in May 2022. The security update fixes the issue with actual attacks and Windows LSA Spoofing, but this is the second time the company is fixing the problem.

The Petit Potam vulnerability was first discovered in 2021, and even though the company initially claimed the bug wasn't there anymore, it was still present. So, many people are still skeptical about the solution and think that CISA has removed the issue from the catalog too early.

The latest security fix has also addressed other issues that were categorized as critical. That includes the CVE-2022-26937 vulnerability, CVE-2022-29130, and CVE-2022-22012, also previously known to the public. However, these vulnerabilities weren’t a hot topic since no one exploited them.

Ways to protect yourself

The first thing every Windows user should do is install the recent update released by Microsoft. While users choose to disable automatic updates, the best option would be to keep this setting. Of course, updates might start at inconvenient times. However, your device will always be protected.

Some users have already reported that they couldn’t get the update for their OS, and if this is the case with your device, go to the official Security Updates page and read the guide. You can also use the FAQ, Mitigation, and Workaround section to get helpful information.

Another option for safeguarding your device is a reliable antivirus tool. Windows comes with a default security tool called Windows Defender. However, many factors determine whether this application will be enough for you. It might be that third-party programs will do a better job, depending on your preferences.

So, follow the necessary steps, and hopefully, you will be able to reduce your system’s vulnerabilities. On the other hand, users should also consider their internet connection and whether it is secure enough. After all, you perform various confidential operations on your computer. Therefore, getting a PC VPN is an excellent addition to your security. A Virtual Private Network encrypts internet traffic, preventing attempts to steal information in transit.

Conclusion

Even though Windows is the most popular operating system in the world, serving as the main platform for many devices, it’s still not perfect. Recent events have proven that Microsoft still has a long way regarding security and privacy.

Users can’t put their online security into the hands of big companies and need to try to protect themselves. Luckily, every user can acquire many solutions individually to reinforce their protection.

(Devdiscourse's journalists were not involved in the production of this article. The facts and opinions appearing in the article do not reflect the views of Devdiscourse and Devdiscourse does not claim any responsibility for the same.)