Security News > 2021 > February > Microsoft urges customers to patch critical Windows TCP/IP bugs
Microsoft has urged customers today to install security updates for three Windows TCP/IP vulnerabilities rated as critical and high severity as soon as possible.
The three TCP/IP security vulnerabilities impact computers running Windows client and server versions starting with Windows 7 and higher.
"The DoS exploits for these CVEs would allow a remote attacker to cause a stop error. Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic," the Microsoft Security Response Center team said.
"We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move quickly to apply Windows security updates this month."
While Microsoft says that it is vital to apply today's security updates on all Windows devices as soon as possible, the company also provides workarounds for those who can't immediately deploy them.
The IPv4 workaround requires hardening against the use of Source Routing, normally disallowed in Windows default state.
News URL
Related news
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)