Look, before we even get into the meat of what the problems were, if you’re on Windows, make sure you’ve got the latest updates. Yesterday’s “Patch Tuesday” brought with it fixes for nearly 80 different security bugs across just about every single Microsoft product, but the real worry has to do with a zero-day bug that has now been patched.
Actually, sorry; make that four zero-days. If you’re not up on your security jargon, a ‘zero-day’ is a security exploit that is already being actively abused when it is discovered. Indeed, Microsoft sewed up zero-day flaws in Office Publisher, Windows Mark of the Web, the Windows Installer, and Windows Update in this month’s update rollup.
The flaw seems to have actually been caused by Microsoft itself, as the vulnerabilities that offered the attack surface were actually already patched once, but a security update released in March broke the mitigations for those vulnerabilities. As we noted, the flaw only affects Windows 10, but the other, less-severe zero-days are more general and include Windows 11.
Ultimately, what you need to know is that Microsoft has these problems all patched up. Simply download the latest security updates—your machine probably did this for you already—and you can sleep soundly, secure in the knowledge that a new cybersecurity nightmare will pop up next week.