Unscheduled fixes for critical Windows flaws delivered through rare channel

Source: Ars Technica

Article note: Oh boy, distributing critical updates through a side-channel (Microsoft Store) that many enterprise (and some personal) customers have disabled instead of the update channel (Windows Update) just for this kind of thing. There must be a reason, but wtf?
Stylized illustration of a padlock.

Enlarge (credit: Microsoft)

Microsoft has published unscheduled fixes for two critical vulnerabilities that make it possible for attackers to execute malicious code on computers running any version of Windows 10.

Unlike the vast majority of Windows patches, the ones released on Tuesday were delivered through the Microsoft Store. The normal channel for operating System security fixes is Windows Update. Advisories here and here said users need not take any action to automatically receive and install the fixes.

“Affected customers will be automatically updated by Microsoft Store. Customers do not need to take any action to receive the update,” both advisories said. “Alternatively, customers who want to receive the update immediately can check for updates with the Microsoft Store App; more information on this process can be found here.”

Read 3 remaining paragraphs | Comments

This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *