Windows 10 has two critical vulnerabilities; update now to avoid infection

Windows 10 has two critical vulnerabilities; update now to avoid infection

If you’re running any version of Windows 10, you should update your computer as soon as possible. Microsoft recently alerted users that it patched two critical remote code execution (RCE) “wormable” vulnerabilities, which could have allowed hackers to spread malware to both your — and others — PCs without your knowledge or any interaction.

Currently, these two new RCE vulnerabilities — code-named CVE-2019-1181 and CVE-2019-1182 — only impact Windows 10. The older versions of Microsoft’s operating systems are not impacted.

In a blog post, Microsoft makes it clear that third-parties were not aware of the vulnerability, which means that hackers likely did not use it to their advantage. However, the company is encouraging Windows users to update Windows 10 right away, if they aren’t already installed patches via Automatic Updates.

“These vulnerabilities were discovered by Microsoft during hardening of Remote Desktop Services as part of our continual focus on strengthening the security of our products.” “It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these,” wrote Simon Pope,  the director of Incident Response at Microsoft Security Response Center.

The impacts of these RCE vulnerabilities are fairly similar to a “Bluekeep” vulnerability which previously affected Windows 7, Windows XP, Windows Server 2008 R2, and Windows Server 2008 PCs in June. According to Microsoft, if a hacker were able to leverage this vulnerability, he or she could have executed “arbitrary ..