Microsoft’s October Patch Tuesday Includes 118 Fixes

We’ve covered Microsoft’s past few Patch Tuesday updates, as they’ve recently included some important security fixes. The company’s October update is no exception, including fixes for 118 security vulnerabilities for Windows.

According to The Hacker News, 113 of these flaws and rated as “Important,” while two are labeled “Moderate,” and three as “Critical.” While all flaws are important to patch, there are five here that are particularly pressing, and make this update one to install immediately.

Microsoft says five of these patched vulnerabilities are “publicly known,” which is bad news from a security standpoint. Ideally, developers catch vulnerabilities before they are publicly known, and do not disclose their identity until a patch is available. This reduces the chances bad actors will figure out a way to exploit the vulnerability. However, these fives are publicly known, which means the chances of exploit discovery are much higher than normal.

To make matters worse, two of these vulnerabilities are actively exploited. That means if you’re running a version of Windows older than this patch, you are also running two security flaws that some actors know how to take advantage of.

The five flaws in question are as follows:

CVE-2024-43572: Microsoft Management Console Remote Code Execution Vulnerability (Actively exploited)

CVE-2024-43573: Windows MSHTML Platform Spoofing Vulnerability (Actively exploited)

CVE-2024-43583 Winlogon Elevation of Privilege Vulnerability

CVE-2024-20659 Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2024-6197 Open Source Curl Remote Code Execution Vulnerability

It’s important you update your PC as soon as possible to patch these bugs. To do so, go to Start > Settings > Windows Update (Windows 11) or Start > Settings > Update & Security > Windows Update (Windows 10).