Thousands of Security Vulnerabilities Exposed: The Cyberattack That Reverses Software Updates


It's always recommended to install software updates to strengthen your system's security. However, a new malware threat could undo this protection.

When you start your computer, it often prompts you to install updates that contain improvements and security patches. But recently, an expert has revealed how the Windows update mechanism can be manipulated through "functional degradation" cyberattacks.

This type of hacking exploits two security flaws that Microsoft has yet to close (CVE-2024-38202 and CVE-2024-21302). The Windows updates that have already been installed are rolled back, reopening hundreds of old security vulnerabilities.

The worst part is that Windows itself does not notice. If you check the update settings, the operating system reports that all updates are installed, so users remain unaware even though the vulnerabilities are back.

To demonstrate this, the expert developed a tool called "Windows Downdate," which can specifically reopen vulnerabilities that have already been patched.

This allows critical components of the operating system, such as DLL files, drivers, and even the Windows kernel, to be reverted to an earlier version without Windows detecting it. After a successful attack, Windows will still report that it's up to date and will no longer install future security updates.

Microsoft is currently working to close the two underlying vulnerabilities behind this attack. According to the company, no attempts to exploit these flaws have been reported so far.

In the meantime, Microsoft advises businesses to follow the security recommendations published on its website to reduce the risk of a wide-scale attack. No specific guidance has been provided for private users. We would advise that you take your usual security precautions if you believe you may be affected by these risks.

Since local access to the system is required for a successful attack, standard security practices should be sufficient until a patch is available. This includes keeping the operating system and programs up to date, using working antivirus protection, choosing strong passwords, and exercising caution with emails and file downloads from the internet.