If you are running Windows on your devices, this story is critically important to you. You see, recently, a significant security breach rocked Microsoft. Luckily its tech experts were able to fix it – and you can avoid the trouble they found by following this story.
However, this is an important reminder for all of us to always have our devices as up-to-date as possible and to be on the lookout for potential scammers trying to obtain our private information.
What was the security issue with Microsoft?
Hackers figured out a way to bypass a security feature on Windows devices by using standalone JavaScript files to exploit what is known as CVE-2022-44698 zero-day, or SmartScreen. By exploiting this, the hackers were able to override SmartScreen, a warning popup designed to appear when suspicious activity is being downloaded onto a Windows device.
Once this was done, hackers could trick Windows users into downloading malicious content onto their devices because there was no warning to stop them from doing so.
How did the hackers manage to exploit the security feature?
Experts at Microsoft closely examined the issue and discovered that there are only 3 possible ways for the security feature to have been exploited:
- The hacker could have hosted a malicious website that exploited the security feature bypass
- The hacker could have sent the victim a specially crafted URL file via email to exploit the bypass
- The security feature bypass could be exploited via compromised websites or websites that accept or host user-provided content
How was the issue resolved?
With their latest update, Microsoft was able to fix the issue during their December 2022 Patch Tuesday, a day held monthly when the company releases patches for their software issues. Along with this issue, Microsoft patched nearly 50 potentially dangerous issues with their software.
How can I avoid being hacked in the future?
There are two key steps that you can take today to avoid the hassle of dealing with your device being hacked in the future.
Update your Windows operating system
Make sure your device is always up-to-date and that you have automatic software updates turned on at all times
Windows 11
- Clicking the Start Button
- Click Settings
- Click Windows updates
- Click Check for updates
If you’re on Windows 10
- Clicking the Start Button
- Click Settings
- Click Update & Security
- Click Windows update
- Click Check for updates
Of course, before you update your computer be sure to back up your devices as a safety precaution if anything should go wrong.
Use antivirus software to scan and protect your devices from potential attacks
The most important and necessary way for you to protect your device from all types of malware is by installing solid antivirus software. We recommend you use TotalAV. Limited-time deal for CyberGuy readers: $19 your first year (80% off). It’s super easy to install and you’ll have peace of mind knowing you’ll have real-time protection, phishing scam protection, ransomware protection plus more. Protects Windows, Mac, Android & iOS Devices.
For more information on what to do if your computer is hacked, click here.
Related:
- Is my computer too old for an Apple Update?
- How hackers can craft an attack from your social media profile
- Beware of malware disguised as legitimate apps