Microsoft has released a new cumulative update for Windows 10, as part of its Patch Tuesday maintenance and security rollout. On top of the regular bug fixes and improvements, this update also contains patches deemed ‘Critical’ for Windows security. This was also the last update for Windows 8.0 and Internet Explorer 8, 9 and 10 users.
Last night’s update, KB3124266, brings a bunch of patches and fixes that address security vulnerabilities both in Windows 10 and in previous versions of Windows. These include a patch for the Windows kernel that could allow an attacker to gain control of a system if he was able to log on. A second patch in this category was for kernel-mode drivers, where a vulnerability could allow an attacker to gain control of a system if the user visited a malicious website. This second patch was deemed critical for many versions of Windows, but only ‘Important’ for Windows 8 and newer.
Other ‘Critical’ updates included in last night’s software package were aimed at fixing important security flaws in Microsoft Edge and many versions of Internet Explorer. These flaws could allow remote code execution if users visited a maliciously crafted website. Finally there are a few more 'important' patches as well as general maintenance bug fixes.
As this was a cumulative update, not everyone is getting all of these patches. For example, those on the current insider build of Redstone already had some of these patches installed on their systems, while those running Citrix XenDesktop won’t get the update at all, due to a major compatibility issue. Still, for everyone else, we recommend you install this latest update as soon as possible through Windows Update.