Microsoft is urging Windows 10 users to update their operating systems immediately because of two critical vulnerabilities.
Microsoft’s Director of Incident Response, Simon Pope, said the vulnerabilities are potentially “wormable,” meaning malware could spread between vulnerable computers without any action on the user’s part.
“It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these,” Pope wrote in a blog post.
You can get the download from the Microsoft Security Update Guide.
Ethical hacker and founder of Springs-based Firma IT Solutions, Rodney Gullatte Jr., said he’s been tracking the vulnerability, and not enough businesses understand how critical these updates and patches are.
“I see vulnerable businesses all day, and a lot of them are doing nothing to protect themselves,” he said. “They think because their computers work that it’s OK; they’re not willing to make an investment. But these are the type of things they’re vulnerable to.
“This is just what came out this week, but there are vulnerabilities out every day that don’t always get a lot of attention — and some of them are as bad or worse than this.
“Those updates have got to get done — it’s standard hygiene but people aren’t doing it,” he added. “If they don’t know what they’re doing, they need to get professional help.”
Gullatte noted that Windows customers who have automatic updates enabled should be automatically protected but “automatic updates can glitch” — so users need to check that they’re operating as intended.
The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.