WINDOWS users have been urged to update their machines after Microsoft upgraded the threat level of one bug to “critical”.
Experts say it could be worse than the hugely damaging cyberattack that hit the NHS a few years ago.
AlamyUpdate your machine if you haven’t for a while[/caption]
The loophole allows hackers to remotely unleash malicious code onto your devices.
Worryingly, it doesn’t need you to do anything to take hold either.
Nerds at IBM warn that the vulnerability has a “broader scope” than EternalBlue, which was used in the WannaCry ransomware of May 2017.
WannaCry locked thousands of devices in hospitals across the UK and forced doctors to turn away some non-critical emergencies amid the chaos.
The latest flaw could “potentially affect a wider range of Windows systems”, the firm said.
It impacts all PCs using Windows 7 and newer.
Thankfully a patch was made available by Microsoft in September.
Back then it was only rated an “important” fix.
The tech giant believed at the time that the issue only allowed cyber crooks to get hold of some sensitive information.
But on December 13 they escalated it to “critical”.
You should have updates switched on automatically to keep your devices safe.
If you don’t, you should run an update immediately.
The flaw – officially known as CVE-2022-37958 – is thought to be wormable too.
This means it can replicate itself across a network, spreading to other machines.
“We strongly recommend that users and administrators apply the patch immediately to protect against all potential attack vectors,” IBM Security X-Force Red said.
“The fix is included in September 2022 security updates and impacts all systems Windows 7 and newer.”
Valentina Palmiotti, the IBM security researcher who found it, told Ars Technica: “While EternalBlue was an 0-Day, luckily this is an N-Day with a 3 month patching lead time.
“As we’ve seen with other major vulnerabilities over the years, such as MS17-010 which was exploited with EternalBlue, some organizations have been slow deploying patches for several months or lack an accurate inventory of systems exposed to the internet and miss patching systems altogether.”
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
How to delete your Instagram account
What does pending mean on Snapchat?
How to check if you’ve been blocked on WhatsApp
How to drop a pin on Google Maps
How can I change my Facebook password?
How to go live on TikTok
How to clear the cache on an iPhone
What is NFT art?
What is OnlyFans?
What does Meta mean?
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]