NEW YORK–Credit unions will want to pay attention to two emergency Windows updates announced by Microsoft in order to protect against "critical" and "important" vulnerabilities impacting Internet Explorer and Windows Defender, the anti-virus software.
The Internet Explorer flaw, which affects versions 9, 10 and 11, could enable attackers to gain the same user rights as the current user and infect a computer. Although Microsoft replaced Internet Explorer with the Edge browser in Windows 10, the software is still pre-installed on all versions of Windows, analysts are cautioning.
The Windows Defender bug makes it possible for a remote attacker to take over a target system and prevent legitimate users from using the software, reported CNN.
Users must install the security update for Internet Explorer manually as Microsoft will not release an updated scan file until the next security release in October 2020, but the update for Windows Defender will be installed automatically, the report added.
Better a Blue Screen Than…
“Recently there have been complaints from users about Windows updates breaking and slowing computers, which could deter users from installing the updates,” CNN said, “However, Gartner analyst Peter Firstbrook told CNN Business that users should go ahead with the updates because a blue screen is much easier to cleanup than an attack.
Although it might seem like bad updates are a common occurrence, Firstbrook told CNN attacks are actually more frequent. Bad updates typically receive more user reaction compared to attacks that occur when users don't install updates.